presented by
|
Much ado has been made over Java security --- and rightly so. Java allows web users to automatically download and run platform-independent code from all over the world on their own machines almost without thinking about it. Java has a built-in security model that tries to make malicious behavior impossible. But the security model has suffered from some well-publicized flaws. This talk will briefly cover the Java security model and explain how it works, and how it doesn't. See the Java Security Web Site.
Gary McGraw is a research scientist at Reliable Software Technologies Corporation. He holds a dual PhD in Cognitive Science and Computer Science from Indiana University and a BA in Philosophy from UVa. Dr. McGraw is a noted speaker and author on Java security. He recently completed a book, Java Security: Hostile Applets, Holes, & Antidotes (John Wiley and Sons, 1996), with Professor Ed Felten of Princeton University. Besides his books, Dr. McGraw's research in Cognitive Science and Software Engineering has resulted in over thirty-five technical publications. His Cognitive Science work is supported by NSF grant number DMI-9661393. His recent DARPA-funded research focuses on software security, specifically the application of fault-injection and dynamic analysis to security assessment. Dr. McGraw is a member of the AAAI, the Cognitive Science Society, and the IEEE. He serves on the editorial board of the Journal of Experimental and Theoretical Artificial Intelligence (JETAI). |