Author

D. Neal

Bio: D. Neal is an academic researcher from Research Triangle Park. The author has contributed to research in topics: Computer security model & Real time Java. The author has an h-index of 1 and has co-authored 1 publication receiving 23 citations.

Papers
Journal ArticleDOI
TL;DR: The various deployment environments in which Java is being targeted, some of its run-time characteristics, the security features in the current releases of the base technology, the new Java Development Kit (JDK™) 1.2 policy-based security model, limitations of stack-based authorization security models, general security requirements, and future directions that Java security might take are reviewed.
Abstract: This paper provides a high-level overview of the development and evolution of Java™ security. Java is a maturing technology that has evolved from its commercial origins as a browser-based scripting tool. We review the various deployment environments in which Java is being targeted, some of its run-time characteristics, the security features in the current releases of the base technology, the new Java Development Kit (JDK™) 1.2 policy-based security model, limitations of stack-based authorization security models, general security requirements, and future directions that Java security might take. IBM initiatives in Java security take into account our customers' desire to deploy Java-based enterprise solutions. Since JDK 1.2 was entering beta test at the time this paper was written, some operational changes and enhancements may result from industry feedback by the time JDK 1.2 becomes generally available.

23 citations


Cited by
Patent
03 Nov 2000
TL;DR: An execution architecture, a development architecture and an operations architecture for a netcentric computing system are described in this paper, where the purpose of the development environment is to support the tasks involved in the analysis, design, construction and maintenance of business systems, as well as the associated management processes.
Abstract: An execution architecture, a development architecture and an operations architecture for a netcentric computing system. The execution architecture contains common, run-time services required when an application executes in the netcentric computing system. The development architecture is the production environment for one or several systems development projects as well as for maintenance efforts. The purpose of the development environment is to support the tasks involved in the analysis, design, construction, and maintenance of business systems, as well as the associated management processes. It is important to note that the environment should adequately support all the development tasks, not just the code/compile/test/debug cycle. The operations architecture is a combination of tools and support services required to keep a production system up and running efficiently.

1,220 citations

Patent
Scott R. Sargent
29 Sep 2000
TL;DR: In this article, a base services architecture for a netcentric computing system is disclosed, which includes at least one web server that is connected with an Internet connection and at least a client.
Abstract: A base services architecture for a netcentric computing system is disclosed. The base services architecture includes at least one web server that is connected with an Internet connection and at least one client. A web server service is located on the web server. During operation, the web server service enables the web server to transfer and publish a plurality of documents in the web browser on the client. A push/pull service is located on the web server for automatically notifying members of a subscriber list of the netcentric computing system when a particular piece of information has been changed or updated. A workflow service is located on the web server that includes role management service, route management services, rule management services and queue management services. A batch processing service is also located on the web server that includes batch driver services, restart/recovery services, batch balancing services and batch report services; and a report service on said web server that includes report driver services, report definition services, report build services and report distribution services.

123 citations

Patent
09 Jul 2003
TL;DR: In this article, a process for executing a downloadable service with specific access rights to at least one profile file in a user's computer is described, which can be used for executing services under the form of a signed archive file which signature is used for both validating the archive file and for selecting one particular secure classloader prior to the generation of the compiled code of the service.
Abstract: A process for executing a downloadable service with specific access rights to at least one profile file in a user's computer. The web browser is used for accessing a web server through a first set of communication port and socket. Therefore is arranged a confined runtime environment such as for example an extended sandbox (11) and used in Java programming which is assigned a second communication port and sockets and which is used for executing downloadable service with restricted access on at least one profile file. The process can be used for executing services under the form of a signed archive file which signature is used for both validating the archive file and for selecting one particular secure class loader prior to the generation of the compiled code of the service.

96 citations

Patent
20 Oct 2005
TL;DR: In this article, a security policy manager generates a permission grant set for a code assembly received from a resource location, which is applied in the run-time call stack to help the system determine whether a given system operation by the code assembly is authorized.
Abstract: A security policy manager generates a permission grant set for a code assembly received from a resource location. The policy manager can execute in a computer system (e.g., a Web client) in combination with the verification module and class loader of the run-time environment. The permission grant set generated for a code assembly is applied in the run-time call stack to help the system determine whether a given system operation by the code assembly is authorized. A permission request set may also be received in association with the code assembly. The permission request set may include a minimum request set, specifying permissions required by the code assembly to run properly. The permission request set may also include an optional request set, specifying permissions requested by the code assembly to provide an alternative level of functionality. In addition, the permission request set may include a refuse request set, specifying permissions that are not to be granted to the code assembly. The permission requests are used to filter a permission set to generate a permission grant set.

71 citations

Journal Article
TL;DR: This work presents a framework for systematic fine grained response that is achieved by dynamically controlling the host’s exposure to perceived threats.
Abstract: As the frequency of attacks faced by the average host connected to the Internet increases, reliance on manual intervention for response is decreasingly tenable. Operating system and application based mechanisms for automated response are increasingly needed. Existing solutions have either been customized to specific attacks, such as disabling an account after a number of authentication failures, or utilize harsh measures, such as shutting the system down. In contrast, we present a framework for systematic fine grained response that is achieved by dynamically controlling the host's exposure to perceived threats. This paper introduces a formal model to characterize the risk faced by a host. It also describes how the risk can be managed in real-time by adapting the exposure. This is achieved by modifying the access control subsystem to let the choice of whether to grant a permission be delegated to code that is customized to the specific right. The code can then use the runtime context to make a more informed choice, thereby tightening access to a resource when a threat is detected. The running time can be constrained to provide performance guarantees. The framework was implemented by modifying the Java Runtime. A suite of vulnerable Jigsaw servlets and corresponding attacks was created. The following were manually added: code for dynamic permission checks; estimates of the reduction in exposure associated with each check; the frequencies with which individual permissions occurred in a typical workload; a global risk tolerance. The resulting platform disrupted the attacks by denying the permissions needed for their completion.

63 citations