Enabling dynamic security policy in the Java security manager

Fabien Autrel, Nora Cuppens-Boulahia and Frederic Cuppens (Telecom Bretagne, France)

The Java execution environment includes several security mechanisms. They are found in the language itself, in the class loader, in the class verifier and in the sandbox in which bytecode is executed. The sandbox isolates the executed bytecode from the host on which the Java virtual machine runs. The security policy enforced by the sandbox can be configured according to who runs a program and where the program originates, and it offers fine-grained mechanisms to control resource access. However, the security policy language offers no higher-level paradigms, such as the abstraction of users into roles, to support the management of Java security policies in large infrastructures. Moreover, those policies are static and cannot change depending on the state of the environment in which they are deployed. In this article we propose an approach that uses the OrBAC model to configure the sandbox security policy. This allows the use of an implementation-independent policy language which offers facilities to manage large sets of JVMs, enables the expression of dynamic security policies and offers an advanced administration model.

FPS 2012 Program