Spout: Distributed Execution Engine for Java Applets
Faculty: Tzi-cker Chiueh
Group Members: Anindya Neogi, Harish Sankaran
The advent of executable contents such as Java applets exposes WWW users
to a new class of attacks that were not possible before. Despite an array
of security checking, detection, and enforcement mechanisms built into
the language model, the compiler, and the run-time system of Java, serious
security breach incidents due to implementation bugs have been reported
in the past several years. Without a provably correct implementation of
Java's security specification, it is difficult to make any conclusive statements
about the security characteristics of current Java systems. The project
takes an alternative approach to address Java's security problems. Rather
than attempt a provably secure implementation, we aim to confine
the damage caused by malicious Java applets to selected machines, thus preventing
the machines behind an organization's firewall from being attacked by malicious
or buggy applets. More concretely, Spout is a distributed Java execution
engine that transparently decouples the processing of an incoming applet's
application logic from that of its graphical user interface (GUI), such that
the only part of an applet that is actually running on the requesting user's
host is the harmless GUI code. A unique feature of the Spout architecture
is that it is completely transparent to and does not require any modifications
to WWW browsers or class libraries on the end hosts. This paper describes
the detailed design, implementation, and performance measurements of the
first Spout prototype, which also incorporates run-time resource monitoring
mechanisms to defeat denial-of-service attacks.
Spout Architecture
Related Material
Secure Execution of Java Applets using a Remote Playground (AT&T Research)
Blocking Java Applets at the Firewall (Bellcore)
Digitivity Cage
A Secure Environment for Untrusted Helper Applications (Berkeley)
IBM Alphaworks
JRes: A Resource Accounting Interface for Java (Cornell)
Kaffe VM
Apache Web Server
(refer to the tech report for detailed references)
Publications
Download Postscript Tech Report
(Also in ICDCS'00)
Maintained by: Anindya Neogi (neogi@cs.sunysb.edu). Last update: 2/12/99