Report to write about Java Security
I'm doing a project for my studies; I'm investigating some points of java security (class loader, bytecoder verifier, security manager and applets). In the second part of my report, I would like to do some tests to show these functionalities in use.
Here is what I was think to implement
- Update the security manager; application can be very restricted - Or very free
Byte code verifier: I don't know how to test
Class loader: I don't know how to test
- Show the difference between local and downloaded code (On server vs applet)
Write the same code for both application. The only difference will be that one application will be downloaded; the other one run from the server.
- Show the difference between signed applet and untrusted applet
Write the same code for both applets. The only difference will be that just one applet we be signed.
- Possibilities on extending the sandbox. What can do an applet?
What do you think about these tests?
Do you have some ideas for my missing tests?
Thanks in advance