Jerzy KRAWIEC1, Piotr GÓRNY2, Maciej KIEDROWICZ2 and Tomasz Kowalczyk1
1 Warsaw University of Technology, Warsaw, Poland
2 Military University of Technology, Warsaw, Poland
The Java security architecture model based on constructing secure code uses various security mechanisms, such as static typing, access modifiers, automatic memory management, and bytecode verification. However, such a model does not consider security principles that include interoperable and extensible vendor implementations and hashing processes. This paper proposes a new, pragmatic approach to Java security architecture that considers more security attributes. The new security architecture model extends the basic security model provided at the language function level. This pragmatic approach to Java security architecture includes Sandbox security principles, Java cryptographic architecture, interoperable and extensible implementations, and hashing processes.