| Java程序中的脆弱性模式研究 |
| |
| 引用本文: | 匡春光,陈华.Java程序中的脆弱性模式研究[J].微电子学与计算机,2008,25(6). |
| |
| 作者姓名: | 匡春光 陈华 |
| |
| 作者单位: | 北京系统工程研究所,北京,100101 |
| |
| 摘 要: | 随着Java应用越来越广泛,与Java相关的脆弱性问题也越发突出,为了提高Java软件的安全性,对Java程序中的脆弱性模式进行了研究.应用了分类、分析、归纳总结等研究方法.较系统地提出Java程序中存在的脆弱性模式,阐述了各种脆弱性模式的产生原因及其危害,并提出了相应的避免方法.研究结果可以用于指导Java软件的编写,也可以用于对已有Java软件进行脆弱性分析,大幅度提高Java软件的安全性,由于脆弱性种类会随着应用的发展而发生变化,今后还需要研究其他的脆弱性模式.
|
| 关 键 词: | 脆弱性模式 整数溢出 串行化 特权代码 |
Research of Vulnerability Patterns in Java Programs |
| |
| KUANG Chun-guang,CHEN Hua.Research of Vulnerability Patterns in Java Programs[J].Microelectronics & Computer,2008,25(6). |
| |
| Authors: | KUANG Chun-guang CHEN Hua |
| |
| Abstract: | With the wider use of Java software,vulnerabilities related to Java software are becoming more and more seri- ous.In order to improve the security of Java software,the paper systematically introduces the vulnerability patterns exist- ing in Java program by using classification,analysis and inductive method.Furthermore,the paper presents the causes, harm and related avoiding policies of all the vulnerability patterns.The research results can be used to guide Java software programming and vulnerability analysis for existent Java software,which can greatly improve the security of Java soft- ware.Because software vulnerability will change with the development of software,it is necessary to research the other vulnerability patterns in the future. |
| |
| Keywords: | vulnerability pattern integer overflow serialization privileged code |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
