Java Security: Hotlist: Researchers

Java Security Hotlist Categories

Return to Hotlist | Return to Java Security...

Search the text of the pages on this hotlist.

RESEARCHERS

Secure Internet Programming The Princeton Team, pre-eminent research group focused on Java Security.

The Java Security Web Site Splash page for this hotlist. Information on the Java Security book and CD-ROM, article listings, and mailing list.

Java Security at RST Besides providing this set of links, Dr. Gary McGraw also maintains an RST Java Security page. RST produces a Java coverage tool that is helpful during testing (a key aspect of security).

David Hopwood David Hopwood, once a student at Oxford and then a Netscape employee, discovered some of Java's flaws that led to attack applets. David is now working on crypto for Java and is a regular contributor to comp.lang.java.security.

Java Security at UC Davis A list of Java security resources provided by Steven H. Samorodin of the UC Davis Security lab.

Java InSecurity A page of information put together by Patricia Evans (a grad student at the University of Victoria).

Godmar Back's Java Security Page A page devoted to Java Security. Includes pointers to talk slides, and a few pointers to related websites.

Spaf's Hotlist, Security in Java Gene Spafford's Security hotlist entry for Java security. A bit out of date, but the rest of the list is amazing!

Security for Extensible Systems A research group at the University of Washington interested in extensible systems (like Java) in which code can be added to a running system in almost arbitrary fashion, and it can interact through low latency (but type safe) interfaces with other code.

The Kimera group at the University of Washington A research group at the University of Washington implementing a new Java security architecture based on factored components for security, performance, and scalability.
See their Security Flaws in Java page.

Naval Postgraduate School Languages Group This group is investigating advanced type systems, especially as related to secure mobile code. The helped organize the DARPA Workshop on Foundations for Secure Mobile Code

Arizona's Sumatra Project Research on mobile code. See especially the Java Hall of Shame.

Focus on Java: Java Security The Mining Company has a nice collection of pages about Java. This one has links to a few security sites. Web ads galore...argh.

The JAWS Project JAWS (Java Applets With Safety) is an ACSys project using theorem-proving technology to analyse safety and security properties of Java applets. Java down under.

Li Gong's Java Security Home Page A collection of pointers put together by Javasoft's esteemed Java Security Architect. Sparse.

Mobile Code Security Bibliography This list of publications put together by Philip Fong of SFU includes a section on Java.

Note: The opinions expressed on this page are the opinions of Gary McGraw and Ed Felten.
Statements made on this page should not be construed as having come from our employers or our publishers.
We welcome correspondence, see the Java Security page for e-mail addresses.

Copyright © 1996-9, Gary McGraw and Edward Felten

Secure Internet Programming	The Princeton Team, pre-eminent research group focused on Java Security.
The Java Security Web Site	Splash page for this hotlist. Information on the Java Security book and CD-ROM, article listings, and mailing list.
Java Security at RST	Besides providing this set of links, Dr. Gary McGraw also maintains an RST Java Security page. RST produces a Java coverage tool that is helpful during testing (a key aspect of security).
David Hopwood	David Hopwood, once a student at Oxford and then a Netscape employee, discovered some of Java's flaws that led to attack applets. David is now working on crypto for Java and is a regular contributor to comp.lang.java.security.
Java Security at UC Davis	A list of Java security resources provided by Steven H. Samorodin of the UC Davis Security lab.
Java InSecurity	A page of information put together by Patricia Evans (a grad student at the University of Victoria).
Godmar Back's Java Security Page	A page devoted to Java Security. Includes pointers to talk slides, and a few pointers to related websites.
Spaf's Hotlist, Security in Java	Gene Spafford's Security hotlist entry for Java security. A bit out of date, but the rest of the list is amazing!
Security for Extensible Systems	A research group at the University of Washington interested in extensible systems (like Java) in which code can be added to a running system in almost arbitrary fashion, and it can interact through low latency (but type safe) interfaces with other code.
The Kimera group at the University of Washington	A research group at the University of Washington implementing a new Java security architecture based on factored components for security, performance, and scalability. See their Security Flaws in Java page.
Naval Postgraduate School Languages Group	This group is investigating advanced type systems, especially as related to secure mobile code. The helped organize the DARPA Workshop on Foundations for Secure Mobile Code
Arizona's Sumatra Project	Research on mobile code. See especially the Java Hall of Shame.
Focus on Java: Java Security	The Mining Company has a nice collection of pages about Java. This one has links to a few security sites. Web ads galore...argh.
The JAWS Project	JAWS (Java Applets With Safety) is an ACSys project using theorem-proving technology to analyse safety and security properties of Java applets. Java down under.
Li Gong's Java Security Home Page	A collection of pointers put together by Javasoft's esteemed Java Security Architect. Sparse.
Mobile Code Security Bibliography	This list of publications put together by Philip Fong of SFU includes a section on Java.