.NET Security: Lessons Learned and Missed from Java

A
ACSAC
2004
20th Annual Computer Security Applications Conference (ACSAC'04)
Abstract - .NET Security: Lessons Learned and Missed from Java

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Nathanael Paul Articles by David Evans

20th Annual Computer Security Applications Conference (ACSAC'04)

Tucson, Arizona

December 06-December 10

ISBN: 0-7695-2252-1

	ASCII Text	x
	Nathanael Paul, David Evans, ".NET Security: Lessons Learned and Missed from Java," Computer Security Applications Conference, Annual, pp. 272-281, 20th Annual Computer Security Applications Conference (ACSAC'04), 2004.

	BibTex	x
	@article{ 10.1109/CSAC.2004.1, author = {Nathanael Paul and David Evans}, title = {.NET Security: Lessons Learned and Missed from Java}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2004}, issn = {1063-9527}, pages = {272-281}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSAC.2004.1}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - .NET Security: Lessons Learned and Missed from Java SN - 1063-9527 SP272 EP281 A1 - Nathanael Paul, A1 - David Evans, PY - 2004 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

Nathanael Paul, University of Virginia

David Evans, University of Virginia

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSAC.2004.1

Many systems execute untrusted programs in virtual machines (VMs) to limit their access to system resources. Sun introduced the Java VM in 1995, primarily intended as a lightweight platform for execution of untrusted code inside web pages. More recently, Microsoft developed the .NET platform with similar goals. Both platforms share many design and implementation properties, but there are key differences between Java and .NET that have an impact on their security. This paper examines how .NET's design avoids vulnerabilities and limitations discovered in Java and discusses lessons learned (and missed) from Java's experience with security.

Citation:

Nathanael Paul, David Evans, ".NET Security: Lessons Learned and Missed from Java," acsac, pp.272-281, 20th Annual Computer Security Applications Conference (ACSAC'04), 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.