A context-sensitive security type system for Java

Kaiser, Benjamin

dc.rights.license	CC BY-NC-ND. Users may download and share copies with attribution in accordance with a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License. No commercial use or derivatives are permitted without the explicit approval of the author.
dc.contributor	Milanova, Ana
dc.contributor	Yener, Bülent, 1959-
dc.contributor	Varela, Carlos A.
dc.contributor.author	Kaiser, Benjamin
dc.date.accessioned	2021-11-03T08:24:42Z
dc.date.available	2021-11-03T08:24:42Z
dc.date.created	2015-06-09T13:36:57Z
dc.date.issued	2015-05
dc.identifier.uri	https://hdl.handle.net/20.500.13015/1431
dc.description	May 2015
dc.description	School of Science
dc.description.abstract	This thesis presents the theoretical framework for A context-sensitive security type system for Java programs. The primary contribution is JSec, a two-stage protocol that prepares a program containing sensitive data to safely run on an untrusted machine. Given the program and a subset of its variables declared as sensitive, JSec first tracks information flow in order to infer what additional variables must be considered sensitive in order to ensure confidentiality of data. The use of a polymorphic type in this stage permits context-sensitivity, which allows us to type check a very broad class of Java programs. In the second stage, the sensitive variables determined in the first stage are encrypted using homomorphic encryption schemes that allow operations to be computed over ciphertexts. The final program can be safely executed by an untrusted host but must defer to a trusted host for key management, encryption, and decryption.
dc.description.abstract	Existing cryptographic schemes can easily protect sensitive data in transit and while in storage. When it becomes necessary to compute over that data, there are a wide variety of cryptographic and language-based solutions that protect the data in different ways and from different adversaries. However, to date, there are few practical schemes that can fully guarantee the security of sensitive data when an untrusted machine performs operations over it.
dc.language.iso	ENG
dc.publisher	Rensselaer Polytechnic Institute, Troy, NY
dc.relation.ispartof	Rensselaer Theses and Dissertations Online Collection
dc.rights	Attribution-NonCommercial-NoDerivs 3.0 United States	*
dc.rights.uri	http://creativecommons.org/licenses/by-nc-nd/3.0/us/	*
dc.subject	Computer science
dc.title	A context-sensitive security type system for Java
dc.type	Electronic thesis
dc.type	Thesis
dc.digitool.pid	175861
dc.digitool.pid	175862
dc.digitool.pid	175863
dc.rights.holder	This electronic version is a licensed copy owned by Rensselaer Polytechnic Institute, Troy, NY. Copyright of original work retained by author.
dc.description.degree	MS
dc.relation.department	Dept. of Computer Science

Files in this item

Name:: 175862_Kaiser_rpi_0185N_10601.pdf
Size:: 246.2Kb
Format:: PDF

View/Open

This item appears in the following Collection(s)

RPI Theses Online (Complete)
Rensselaer theses from 2006; many restricted to current RPI Students, Faculty and Staff
RPI Theses Open Access
Rensselaer Theses and Dissertations with Creative Commons Licenses

Show simple item record

CC BY-NC-ND. Users may download and share copies with attribution in accordance with a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License. No commercial use or derivatives are permitted without the explicit approval of the author.

Except where otherwise noted, this item's license is described as CC BY-NC-ND. Users may download and share copies with attribution in accordance with a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License. No commercial use or derivatives are permitted without the explicit approval of the author.