Computer Science Colloquium
Prof. Dr. Michael Franz
University of California, Irvine
Cool Stuff With Virtual Machines: Making Java Much Faster and More Secure (Vortrag auf Deutsch, Folien auf Englisch)
Thu 30.03.2006, 16:15, 60 minutesHS 5
Abstract
In this talk, I will report on two major ongoing research projects we are conducting at UC Irvine. In the first project, we have have extended the Java Virtual Machine with a per-object tagging mechanism that allows to implement Multi-Level Security schemes and Perl-style taint propagation. Our system can track the origin of information and enforce security policies auch as (don't send secrets on network), where secret is a data item read from a specific category of file. Existing Java VMs don't have per-object information flow tracking and hence need to resort to much more restrictive policies. The surprising thing is that the overhead of implementing information-flow tracking in JVM is much smaller than expected, on the order of 5% runtime cost. Our implementation is 100% compatible with the existing Java platform, the policies are external to the JVM, and the system can stop malicious and faulty Java programs (including cross-scripting attacks). The second project is a revolutionary new way of building just-in-time compilers. We are able to achieve about 50% of the performance of the best just-in-time compilers such as HotSpot in less than 1% of the effort. Key to this success is a novel application of Static Single Assignment form to trace-based compilation.Bio
Michael Franz is an Associate Professor in the Donald Bren School of Information and Computer Science at the University of California, Irvine. His current research focuses primarily on security and efficiency aspects of mobile code. Other research interests include code compression, dynamic compilation, compiling for low power use, and programming languages and architectures for component-based software construction. Franz received a Dr. sc. techn. degree in Computer Science (advisor Niklaus Wirth) and a Dipl. Informatik-Ing. degree, both from the Swiss Federal Institute of Technology, ETH ZurichInvited by o. Univ.-Prof. Dipl.-Ing. Dr. Hanspeter Mössenböck
The Computer Science Colloquium is organized by the Department of Coputer Science at JKU, the Österreichische Gesellschaft für Informatik (ÖGI) and the Österreichische Computergesellschaft (OCG).