This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
A virtual machine is taking the physical computer and splitting it into virtual machines. Which fools the operating system into thinking that the programs that run within the vm are on the actual physical drive, where in fact they are just sharing the hardware be it the processor memory or hard drive. Its a machine that works within a machine although the jvm does not physically exist. Benefits from using this method include resource sharing and isolation.
When a computer is running solely by itself with no use of virtualization all of the resources it has are been dedicated to execution of programs. So when a computer has 4GB of RAM but a program only needs say 2 gb to carry out a program running then there is 2gb been simply wasted. Whereas when a computer implements a virtual machine it can allocate resources to other areas giving a better assignment of resources. For isolation Virtual machines when running appear to be an independent computer when in reality they are only simulated machines indirectly running on the users computer. Virtual machines are divided into two categories. A system virtual machine, is based on operation of a full system platform and is capable of executing a complete operating system. The share all the physical hardware on a machine. A huge advantage of this is that it allows for multiple operating systems to be executed on a single computer. The other type is a process virtual machine, which only runs a single program. It is created while running and is destroyed once complete or on exit. This is where java gets its main use under a java virtual machine.
Java is an independent architecture, it is an easy to learn language and is widely used by code developers. It has been mixed into web browsers and giving similar syntax to html. When html used the applet tag java assigned an applet class. These applets could then be put into web pages and then allowed to be downloaded form the internet to a users computer. Applets in the java language are similar to any other application, but do have two main differences. One an application is giving the header public static main(string argv) whereas in an applet is just a subclass that belongs to the java applet class. Secondily applets view resources of a computer differently and so take extra precautions and measures in dealing with security. One of the main concepts is a sandbox applet. What this does is, once an applet is downloaded when it reaches the execution stage of the computer, it has no access to the machines resources, and instead is executed within a 'sandbox' which is a controlled environment to allow applets to be executed without gaining access to system resources. When the issue arrises that an applet needs to gain access to a resource, it will give a check and play it out within the sandbox, if the check does not go to plan, an exception will be giving. An example of this feature is done within the internet explorer. What the security feature does within this environment is to deny any access of an applet to a system resource. In certain cases where it must be forced to be giving access, and deemed to be secure. The user must give permission for the applet to have access. Security features that are implemented are that applets that run within a sandbox environment is that while it doesnâ€™t allow access to system resources it also doesnâ€™t allow an applet to be able to change or edit files on the users machine. Meaning the ability to read or write files is disallowed. Also the applets cant be allowed to create network servers unless the use a tcp port number apove 1024. Which means that if an attacking applet tried to impersonate a popular tcp company or service. They simply could not if been executed within the sandbox applet. This means that they can then not able to have access to run programs or implement java methods or libraries. The sandbox simply locks the applet down.
The java virtual machine is the run environment that gives java its mobility and security. There are three main areas for key security and to provide overall security in the environment.
the java class file.
The byte code language
Byte code verifier
The java class file is the way in which java class files are stored in independence. In the class file details include its super class defining fields and the interfaces it implements. Security in this area only remain basic and requires that the class file is in a .class format.
The java byte code language is the language that is interpreted by the java virtual machine .it is a basic level language with instructions based around different registers and stacks ie push and pop values, register content and arithmetic and logical operations. For this reason the security revolving around this area is to check that the byte code sequence and syntax is in the correct order as failure for this can mean leaving the jvm at a risk.
The biggest area for security though is in the byte code verifier. This is where the various checks are carried out before an untrusted application can become trusted and executed on the computer. It makes sure that all bytecode downloaded has correct syntax and meets the same structure that the jvm implies. Overall the verifier insures that the correct syntax is used and class file names are correctly used. The bytecode verification is done when class loading and class linking takes place. This is primarily because of efficiency as further more checks would cause a downgrade in overall runtime effectiveness. The verification process takes 4 passes.
Pass one is when it checks through the structure of the class file and verifies whether or not the syntax is correct to the syntax of the class file format. More specifically it looks through the first four bytes of the class file and makes sure that the magic number is correct from a database.
The second pass is done once the class file has been linked. This does a thorow check through each part of the code, it ensures that the data types are correct and that each section of the code is correct.
The most detailed process of this verification is in the third step. It checks the class methods, and the code attributes.this drills down into the bytecode and analyzes each instruction. It is also here in this stage where it deems the code to be safe or unsafe. If the third pass completes without a failure it is giving the all clear.
In the final pass it takes place during run time of linking classes. It is here where it does a lookup to see if all the references exist and are correct.
Throughout the running of the java bytecode the security manager gives a check on the applets code and is mainly used to make sure that the task of the applet does not violate the security policy or the sandbox applet. If during any stages of the verification process is giving a failure, it will be deemed unsafe.
In the jvm one of the most crucial components is the security manager .This protects the sandbox applet and is primarily used to guarding the security policies of java applications and monitoring any unsafe programs and programs that are requesting access to system resources. Depending on the dictionary of installed security policies it will allow or deny applications.
The security manager is the feature that uses the check method on allowing programs gain access to resources. Check methods include checkread check write or check access. It is these check methods that define the different security policies and are the features in defining a sandbox's restrictions. These checks are ran through mostly in the java api class and by default all applications are given unsafe at first and are held within a protected method. Only when the security manager gives the check, and deems it safe it return to a normal status.
One of the main ways to carry out a successful attack is through a denial of service attack. This is made possible because the security manager does not have a threshold or limit to the amount of memory that can be given to any application, meaning the application can overload the memory of the computer. Another possible means of attack is through the use of having hidden code within the native method itself, as java treats a native method as fully secure giving it no reason to think that its unsafe.
There are several ways to attack a java virtual machine these attacks are done by a majority of spoofing and then confusion attack. Java today is deemed as a safe language and has strict rights on who gains access to sensitive areas within a machine. For applications they cannot me changed or edited by a programmer and only have access to the public interface. The data types used in java are always defined, this makes it possible to do a conversion of different data types, but has to be done in a precise manner.
A confusion attack can take place during this process down at the java byte code level. Simply put, it is possible to change a data type to your type and have it reference to another object. The jvm uses a check cast instruction this checks to see if the data type given can be used to a referenced object. The instruction from the byte code are then checked by the verifier. But there is no checks required during the runtime of a conversion. It confuses the vm because by making the vm confused about the object that is to be manipulated. The attack happens due to a flaw within a java virtual machine and the attack is able to bypass a classes protection due to the confusion attack.
The class loader is used for linking classes and loading the classes into memory or to the virtual machine, but also giving definitions to the classes for the jvm. When a virtual machine needs the byte codes from different classes it requests it from the class loader. An attack can take place here because a jvm is possible to have more than one class loader, if the loader is not maintained, by having its own unique name space a spoof attack can happen leading to again another confussion attack.
Another way to attack a jvm is to get around the sandbox altogether. This is carried out by a privlege attack. By editing a class to appear as fully trusted by the security manager.