{"id":4206,"date":"2017-03-20T08:47:31","date_gmt":"2017-03-20T07:47:31","guid":{"rendered":"https:\/\/blogs.uni-paderborn.de\/sse\/?p=4206"},"modified":"2017-03-20T08:47:31","modified_gmt":"2017-03-20T07:47:31","slug":"sp-paper","status":"publish","type":"post","link":"https:\/\/blogs.uni-paderborn.de\/sse\/2017\/03\/20\/sp-paper\/","title":{"rendered":"IEEE S&amp;P Paper on Hardening the Java Runtime is now available"},"content":{"rendered":"<div class=\"twoclick_social_bookmarks_post_4206 social_share_privacy clearfix 1.6.4 locale-en_US sprite-en_US\"><\/div><div class=\"twoclick-js\"><script type=\"text\/javascript\">\/* <![CDATA[ *\/\njQuery(document).ready(function($){if($('.twoclick_social_bookmarks_post_4206')){$('.twoclick_social_bookmarks_post_4206').socialSharePrivacy({\"txt_help\":\"Wenn Sie diese Felder durch einen Klick aktivieren, werden Informationen an Facebook, Twitter, Flattr, Xing, t3n, LinkedIn, Pinterest oder Google eventuell ins Ausland \\u00fcbertragen und unter Umst\\u00e4nden auch dort gespeichert. N\\u00e4heres erfahren Sie durch einen Klick auf das <em>i<\\\/em>.\",\"settings_perma\":\"Dauerhaft aktivieren und Daten\\u00fcber-tragung zustimmen:\",\"info_link\":\"http:\\\/\\\/www.heise.de\\\/ct\\\/artikel\\\/2-Klicks-fuer-mehr-Datenschutz-1333879.html\",\"uri\":\"https:\\\/\\\/blogs.uni-paderborn.de\\\/sse\\\/2017\\\/03\\\/20\\\/sp-paper\\\/\",\"post_id\":4206,\"post_title_referrer_track\":\"IEEE+S%26amp%3BP+Paper+on+Hardening+the+Java+Runtime+is+now+available\",\"display_infobox\":\"on\"});}});\n\/* ]]> *\/<\/script><\/div><p>Our new <a href=\"http:\/\/www.ieee-security.org\/TC\/SP2017\/\">S&amp;P<\/a> paper\u00a0<span class=\"bibtitle\"><a href=\"http:\/\/bodden.de\/pubs\/hhl+17hardening.pdf\">Hardening Java\u2019s Access Control by Abolishing Implicit Privilege Elevation<\/a>\u00a0is now available online. It is a follow-up work to our previous CCS&#8217;16 paper\u00a0<a href=\"http:\/\/bodden.de\/pubs\/htb+16exploits.pdf\">An In-Depth Study of More Than Ten Years of Java Exploitation<\/a>. In this former paper we classified a large number of history Java exploits. In doing so, we found that the largest class of exploits was made possible by shortcuts in Java&#8217;s implementation of access control. In the S&amp;P paper we now show that it is possible to go without those shortcuts, without any loss of performance. We also discuss the usability implications\u00a0that this removal of shortcuts would have.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Our new S&amp;P paper\u00a0Hardening Java\u2019s Access Control by Abolishing Implicit Privilege Elevation\u00a0is now available online. It is a follow-up work to our previous CCS&#8217;16 paper\u00a0An In-Depth Study of More Than Ten Years of Java Exploitation. In this former paper we &hellip; <a href=\"https:\/\/blogs.uni-paderborn.de\/sse\/2017\/03\/20\/sp-paper\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":6542,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-4206","post","type-post","status-publish","format-standard","hentry","category-general"],"_links":{"self":[{"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/posts\/4206","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/users\/6542"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/comments?post=4206"}],"version-history":[{"count":1,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/posts\/4206\/revisions"}],"predecessor-version":[{"id":4208,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/posts\/4206\/revisions\/4208"}],"wp:attachment":[{"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/media?parent=4206"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/categories?post=4206"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/tags?post=4206"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}