Digital Library

Abstract

.NET Security: Lessons Learned and Missed from Java

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSAC.2004.1

20th Annual Computer Security Applica ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Nathanael Paul Articles by David Evans

	ASCII Text	x
	Nathanael Paul, David Evans, ".NET Security: Lessons Learned and Missed from Java," Computer Security Applications Conference, Annual, vol. 0, no. 0, pp. 272-281, 20th Annual Computer Security Applications Conference (ACSAC'04), 2004.

	BibTex	x
	@article{ 10.1109/CSAC.2004.1, author = {Nathanael Paul and David Evans}, title = {.NET Security: Lessons Learned and Missed from Java}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2004}, issn = {1063-9527}, pages = {272-281}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSAC.2004.1}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - .NET Security: Lessons Learned and Missed from Java SN - 1063-9527 SP272 EP281 A1 - Nathanael Paul, A1 - David Evans, PY - 2004 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

Nathanael Paul, University of Virginia

David Evans, University of Virginia

Many systems execute untrusted programs in virtual machines (VMs) to limit their access to system resources. Sun introduced the Java VM in 1995, primarily intended as a lightweight platform for execution of untrusted code inside web pages. More recently, Microsoft developed the .NET platform with similar goals. Both platforms share many design and implementation properties, but there are key differences between Java and .NET that have an impact on their security. This paper examines how .NET's design avoids vulnerabilities and limitations discovered in Java and discusses lessons learned (and missed) from Java's experience with security.

Citation:

Nathanael Paul, David Evans, ".NET Security: Lessons Learned and Missed from Java," acsac,pp.272-281, 20th Annual Computer Security Applications Conference (ACSAC'04), 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.

				Searching...	Advanced Search
	CS Search		Google Search