You are here: silicon.com > Resources > White Papers > Software and Web Development > Software Development Tools > Java

Java White Papers

SecuriFly: Runtime Protection and Recovery From Web Application Vulnerabilities

Overview This paper presents a runtime solution to a range of Web application security vulnerabilities. The solution the paper proposes called SecuriFly consists of instrumenting the application to precisely track the flow of data. When a potential vulnerability is observed, the application is either terminated to prevent the vulnerability from being exploited or special recovery code is executed and the application is allowed to continue on running. The paper has used SecuriFly to harden and experiment with a range of large open-source benchmarks written in Java. Protection provided by SecuriFly was sufficient to protect against all exploits it were able to generate.

Further White Paper Details
Publisher	Stanford University	File Format	PDF
Date Published	September 2006
Format	White Papers
Topics	Java, Programming Languages, Security Management

Did you find this white paper useful?

Virus warning: Swen appears to be security update

When executed, the worm continues to pose as a security update, launching a message windows that states: "This will install Microsoft Security Update. It uses a vulnerability in Internet Explorer to execute directly from an email message, according...

Channel:
Security Strategy

Security hole found in Internet Explorer - yet again

Most exploits we are seeing developed today are composed of multiple vulnerabilities, (each one) bypassing a specific security feature of Internet Explorer," Kuperus said. Additionally, security researchers discovered last week that a milder...

Microsoft denies SP2 flaw is a danger

Peter Lindstrom, a research director at Spire Security, observed that the Data Execution Protection vulnerability is unlikely to be seized upon by hackers. Maybe you could classify this problem as a lost opportunity on Microsoft's part to protect...

Channel:
Security Strategy

Buggy Windows patch backfires on the security-minded

That is worrying, especially with a narrowing amount of time between the release of a software fix and a malicious code attack that exploits the vulnerability related to it, SANS' Ullrich said. The patch was released on Tuesday to fix four Windows...

Trio of Windows flaws opens door to nasties

Mehta doesn't expect the latest Windows flaws to be exploited in a widespread attack. Microsoft is not aware of any malicious code that exploits the two flaws that could allow a PC to be fully compromised, the software maker said.

OpenOffice patches trio of holes

Although OpenOffice claims there are currently no known exploits for the vulnerabilities, it has urged all users of 2.0.x prior to 2.0.2 to upgrade to OpenOffice.org 2.0.3. Users can protect themselves from the first vulnerability by disabling...

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Java White Papers

SecuriFly: Runtime Protection and Recovery From Web Application Vulnerabilities

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific