Showing papers on "Java applet published in 2015"

NGL Viewer: a web application for molecular visualization

Abstract: The NGL Viewer (http://proteinformatics.charite.de/ngl) is a web application for the visualization of macromolecular structures. By fully adopting capabilities of modern web browsers, such as WebGL, for molecular graphics, the viewer can interactively display large molecular complexes and is also unaffected by the retirement of third-party plug-ins like Flash and Java Applets. Generally, the web application offers comprehensive molecular visualization through a graphical user interface so that life scientists can easily access and profit from available structural data. It supports common structural file-formats (e.g. PDB, mmCIF) and a variety of molecular representations (e.g. ‘cartoon, spacefill, licorice’). Moreover, the viewer can be embedded in other web sites to provide specialized visualizations of entries in structural databases or results of structure-related calculations.

K-Java: A Complete Semantics of Java

Abstract: This paper presents K-Java, a complete executable formal semantics of Java 1.4. K-Java was extensively tested with a test suite developed alongside the project, following the Test Driven Development methodology. In order to maintain clarity while handling the great size of Java, the semantics was split into two separate definitions -- a static semantics and a dynamic semantics. The output of the static semantics is a preprocessed Java program, which is passed as input to the dynamic semantics for execution. The preprocessed program is a valid Java program, which uses a subset of the features of Java. The semantics is applied to model-check multi-threaded programs. Both the test suite and the static semantics are generic and ready to be used in other Java-related projects.

Systems and methods for updatable applets

Abstract: Embodiments of the invention relate to a device comprising an updatable applet and a static applet. For some embodiments, a device is disclosed comprising a processor, one or more memories storing an updatable applet, and a static applet in communication with the updatable applet, wherein the device is configured to receive updates to the updatable applet. The updatable applet and static applet may be executed through an access control software element that may prevent unrestricted access between the applets.

Use at your own risk: the Java unsafe API in the wild

Abstract: Java is a safe language. Its runtime environment provides strong safety guarantees that any Java application can rely on. Or so we think. We show that the runtime actually does not provide these guarantees---for a large fraction of today's Java code. Unbeknownst to many application developers, the Java runtime includes a "backdoor" that allows expert library and framework developers to circumvent Java's safety guarantees. This backdoor is there by design, and is well known to experts, as it enables them to write high-performance "systems-level" code in Java. For much the same reasons that safe languages are preferred over unsafe languages, these powerful---but unsafe---capabilities in Java should be restricted. They should be made safe by changing the language, the runtime system, or the libraries. At the very least, their use should be restricted. This paper is a step in that direction. We analyzed 74 GB of compiled Java code, spread over 86,479 Java archives, to determine how Java's unsafe capabilities are used in real-world libraries and applications. We found that 25% of Java bytecode archives depend on unsafe third-party Java code, and thus Java's safety guarantees cannot be trusted. We identify 14 different usage patterns of Java's unsafe capabilities, and we provide supporting evidence for why real-world code needs these capabilities. Our long-term goal is to provide a foundation for the design of new language features to regain safety in Java.

Enhanced data interface for contactless communications

Abstract: Embodiments of the invention are directed at an enhanced data interface (EDI) for contactless communications between a mobile application operating on a mobile device and an access device (e.g., contactless reader) that allows for enhanced verification between the mobile device and access device. One embodiment of the invention is directed to a method. The method comprises a mobile device receiving a request for available applets from an access device and providing a list of available applets including trusted applet identifiers and untrusted applet identifiers to the access device. The method further comprises receiving a selection of an untrusted applet identifier from the list and an entity identifier associated with the access device, validating that the access device is authorized to access credentials associated with the selected untrusted applet identifier using the entity identifier, and providing the credentials associated with the selected untrusted applet identifier to the access device.

Master applet for secure remote payment processing

Abstract: Embodiments of the invention are directed to methods, apparatuses, and systems for processing transactions using a master applet on a mobile device. One embodiment of the invention is directed to a method comprising a master applet associated with a mobile application of a mobile device determining available applications on a mobile device, displaying the available applications to a user, and receiving a selection of one of the available applications from the user. The method further comprises obtaining encrypted credentials from the selected application, generating an encrypted payload including the encrypted credentials and transaction data using a master applet encryption key associated with the applet, and sending the encrypted payload to a processor computer. The processor computer decrypts the encrypted payload using a master applet decryption key, decrypts the encrypted credentials using a selected application decryption key, and uses the decrypted credentials and transaction data to initiate a transaction.

Interactive synthesis using free-form queries

Abstract: We present a new code assistance tool for integrated development environments. Our system accepts free-form queries allowing a mixture of English and Java as an input, and produces Java code fragments that take the query into account and respect syntax, types, and scoping rules of Java as well as statistical usage patterns. The returned results need not have the structure of any previously seen code fragment. As part of our system we have constructed a probabilistic context free grammar for Java constructs and library invocations, as well as an algorithm that uses a customized natural language processing tool chain to extract information from free-form text queries. The evaluation results show that our technique can tolerate much of the flexibility present in natural language, and can also be used to repair incorrect Java expressions that contain useful information about the developer's intent. Our demo video is available at http://youtu.be/tx4-XgAZkKU.

Automatic purposed-application creation

Abstract: An electronic device (such as a cellular telephone) automatically installs and optionally personalizes a purposed application (which is sometimes referred to as an ‘applet’) on a secure element in the electronic device (which is sometimes referred to as ‘applet creation’). In particular, when a digitally signed installation package containing the applet is received from an installing device (such as a server), the secure element verifies the digital signature of the installation package using an encryption key associated with a vendor of the secure element. Then, the secure element installs the applet. In addition, the secure element may optionally export user data from another applet installed on the secure element. Moreover, the secure element may personalize the installed applet using the user data from the other applet. In this way, the electronic device provides a scalable installation solution while allowing personalization from the other applet.

Bottom-Up Context-Sensitive Pointer Analysis for Java

Abstract: This paper describes a new bottom-up, subset-based, and context-sensitive pointer analysis for Java. The main novelty of our technique is the constraint-based handling of virtual method calls and instantiation of method summaries. Since our approach generates polymorphic method summaries, it can be context-sensitive without reanalyzing the same method multiple times. We have implemented this algorithm in a tool called Scuba, and we compare it with k-CFA and k-obj algorithms on Java applications from the DaCapo and Ashes benchmarks. Our results show that the new algorithm achieves better or comparable precision to k-CFA and k-obj analyses at only a fraction of the cost.

Runtime Code Generation and Data Management for Heterogeneous Computing in Java

Abstract: GPUs (Graphics Processing Unit) and other accelerators are nowadays commonly found in desktop machines, mobile devices and even data centres. While these highly parallel processors offer high raw performance, they also dramatically increase program complexity, requiring extra effort from programmers. This results in difficult-to-maintain and non-portable code due to the low-level nature of the languages used to program these devices.This paper presents a high-level parallel programming approach for the popular Java programming language. Our goal is to revitalise the old Java slogan -- Write once, run anywhere --- in the context of modern heterogeneous systems. To enable the use of parallel accelerators from Java we introduce a new API for heterogeneous programming based on array and functional programming. Applications written with our API can then be transparently accelerated on a device such as a GPU using our runtime OpenCL code generator.In order to ensure the highest level of performance, we present data management optimizations. Usually, data has to be translated (marshalled) between the Java representation and the representation accelerators use. This paper shows how marshal affects runtime and present a novel technique in Java to avoid this cost by implementing our own customised array data structure. Our design hides low level data management from the user making our approach applicable even for inexperienced Java programmers.We evaluated our technique using a set of applications from different domains, including mathematical finance and machine learning. We achieve speedups of up to 500× over sequential and multi-threaded Java code when using an external GPU.

Dependency-aware transformation of multi-function applications for on-demand execution

Abstract: An on-demand executable system includes an application acquisition engine configured to acquire a first application that is programmed to perform a first function and a second function. An applet extractor includes a function analyzer configured to analyze the first application to identify functions that the first application is programmed to perform. The identified functions include the first function. The applet extractor includes a code analyzer configured to analyze code of the first application to identify first code segments that implement the first function. The applet extractor includes an applet packager configured to package the first code segments into a first executable. An executable request servicer is configured to, in response to a request, transmit the first executable to a user device.

Java Card Virtual Machine Compromising from a Bytecode Verified Applet

Abstract: The Byte Code Verifier BCV is one of the most important security element in the Java Card environment. Indeed, embedded applets must be verified prior installation to prevent ill-formed applet loading. In this article, we disclose a flaw in the Oracle BCV which affects the applet linking process and can be exploited on real world Java Card smartcards. We describe our exploitation of this flaw on a Java Card implementation that enables injecting and executing arbitrary native malicious code in the communication buffer from a verified applet. This native execution allows snapshotting the smart card memory with OS rights.

A Translator of Actor Prolog to Java.

Abstract: Actor Prolog is a concurrent object-oriented logic language developed in [1]. We demonstrate a state-of-the-art translator of Actor Prolog to Java developed in the framework of the Intelligent Visual Surveillance Logic Programming project [2]. The translator implements a set of high-level and low-level code optimization methods and generates a kind of the idiomatic (i.e., well-readable) source code in Java, that ensures a high speed, robustness, and openness of the executable code. Some applications of the Actor Prolog to Java translator are demonstrated, in particular, the real-time intelligent video surveillance, Actor Prolog with Java3D linking, and logic programming of Java applets.

ProstateAnalyzer: Web-based medical application for the management of prostate cancer using multiparametric MR imaging.

Abstract: Objectives: In this paper, we present ProstateAnalyzer, a new web-based medical tool for prostate cancer diagnosis. ProstateAnalyzer allows the visualization and analysis of magnetic resonance images (MRI) in a single framework. Methods: ProstateAnalyzer recovers the data from a PACS server and displays all the associated MRI images in the same framework, usually consisting of 3D T2-weighted imaging for anatomy, dynamic contrast-enhanced MRI for perfusion, diffusion-weighted imaging in the form of an apparent diffusion coefficient (ADC) map and MR Spectroscopy. ProstateAnalyzer allows annotating regions of interest in a sequence and propagates them to the others. Results: From a representative case, the results using the four visualization platforms are fully detailed, showing the interaction among them. The tool has been implemented as a Java-based applet application to facilitate the portability of the tool to the different computer architectures and software and allowing the possibility to work remotely via the web. Conclusion: ProstateAnalyzer enables experts to manage prostate cancer patient data set more efficiently. The tool allows delineating annotations by experts and displays all the required information for use in diagnosis. According to the current European Society of Urogenital Radiology guidelines, it also includes the PI-RADS structured reporting scheme.

Java-to-JavaScript translation via structured control flow reconstruction of compiler IR

Abstract: We present an approach to cross-compile Java bytecodes to Java-Script, building on existing Java optimizing compiler technology. Static analysis determines which Java classes and methods are reachable. These are then translated to JavaScript using a re-configured Java just-in-time compiler with a new back end that generates JavaScript instead of machine code. Standard compiler optimizations such as method inlining and global value numbering, as well as advanced optimizations such as escape analysis, lead to compact and optimized JavaScript code. Compiler IR is unstructured, so structured control flow needs to be reconstructed before code generation is possible. We present details of our control flow reconstruction algorithm. Our system is based on Graal, an open-source optimizing compiler for the Java HotSpot VM and other VMs. The modular and VM-independent architecture of Graal allows us to reuse the intermediate representation, the bytecode parser, and the high-level optimizations. Our custom back end first performs control flow reconstruction and then JavaScript code generation. The generated JavaScript undergoes a set of optimizations to increase readability and performance. Static analysis is performed on the Graal intermediate representation as well. Benchmark results for medium-sized Java benchmarks such as SPECjbb2005 run with acceptable performance on the V8 JavaScript VM.

Towards bridging the gap between Dalvik bytecode and native code during static analysis of Android applications

Abstract: We propose a method for statically analyzing components that can be part of Android applications and which have not been very well analyzed so far, namely native libraries. As of now, third-party native code can be seen as a black box that can be fed input parameters from the Dalvik bytecode context, and output parameters can be returned back to the bytecode context. However, the native code can still initialize and invoke Android API and internal Java-based application classes and methods solely within the native context using an interface towards the Dalvik Virtual Machine. This introduces a contingency during analysis and therefore, it is crucial to understand inner-workings of the native code in order to fully understand the behavior of an application. The contribution of this paper is to bridge the gap between static analysis of Dalvik bytecode and native code by attempting to reconstruct calls to Android APIs and performing data-flow analysis inside native libraries. Our results from real-world applications show that such constructions used for invoking Java code inside native code do exist to some extent and could potentially be used more widely in order to obfuscate applications.

Web portal api test report generation

Abstract: A system for generating application programming interface (“API”) test reports for a software application derives one or more Java APIs to be tested from the software application and derives Java Unit (“JUnit”) test methods used to test the Java APIs. The system then maps each Java API with a corresponding JUnit test method and generates one or more test reports.

A dynamic applet for the exploration of the concept of the limit of a sequence

Abstract: This paper reports findings of an explorative study that examine the effectiveness of a GeoGebra-based dynamic applet in supporting students’ construction of the formal definition of the limit of a sequence or convergence. More specifically, it is about how the use of the applet enables students to make connections between the graphical representation and the formal definition. There are several core components that one can extract from the definition and the applet is specifically designed to help students with the components. Relevant student data from the study are presented with respect to these components. The significance of the applet and further research directions are discussed at the end with reference to existing research.

Experience of integrating various technological tools into the study and future teaching of mathematics education students

Abstract: This paper presents our experience of integrating technological tools into our mathematics teaching (in both disciplinary and didactic courses) for student-teachers. In the first cycle of our study, a variety of technological tools were used (e.g., dynamic software, hypertexts, video and applets) in teaching two disciplinary mathematics courses. We found that the tool most preferred by the students was dynamic software, while the applets were almost neglected. In the next cycle, we focused on using various applets in both disciplinary and didactic mathematics courses. We found that if the assignments were applet-oriented, i.e., adjusted to the chosen applet, or vice versa – the applet was chosen appropriately to suit the given assignment – then the students were able to make use of applets in an effective way. Furthermore, the students came to see the potential of applets for improving learning.

Method, device and system for inserting view information into page

Abstract: The invention aims at providing a method, a device and a system for inserting view information into a page. According to the method, the device and the system, by virtue of interaction between a host and a plug-in unit, the view information is created by the plug-in unit and is displayed in the host; when the host loads the page, the plug-in unit which corresponds to one or more to-be-inserted view information is loaded into the page, a view creation mode which corresponds to the view information is called by the corresponding plug-in unit to generate the view information, and the view information is inserted into the page according to the corresponding position of the view information in the page. According to the method, the device and the system, the view information provided by other APP (Application) can be accessed for a page-browsing mobile application, so that the presentation effect of the page-browsing mobile application is greatly enriched and is even superior to that of Flash, Java Applet and a rich application program on a PC (Personal Computer) platform, and the browsing experience of a user is enhanced.

Live object exploration: Observing and manipulating behavior and state of Java objects

Abstract: In this paper we introduce a visual representation of Java objects that can be used for observing and manipulating behavior and state of currently developed classes. It runs separately, e.g., on a tablet, beside an integrated development environment. Within the visualization, developers are able to arbitrarily change the object state, then invoke any method with custom parameters and observe how the object state changes. When changing the source code of the related class, the visualization holds the previous object state and adapts the new behavior defined by the underlying source code. This instantly enables developers to observe functionalities objects of a certain class have and how they manipulate their state, and especially, how source code changes influence their behavior. We implemented a first prototype as a touch-enabled web application that is connected to a conventional integrated development environment. In order to gain first practical insights, we evaluated our approach in a pilot user study.

A Concept of Value Trace Problem for Java Code Reading Education

Abstract: To assist Java programming educations, we have developed a Web-based Java Programming Learning Assistant System (JPLAS). JPLAS provides the fill-in-blank problem to help novice students studying Java programming at home, where some elements in a high-quality code including reserved words, identifiers, and control symbols are blanked to be filled by students. Unfortunately, this problem may be solved without reading out the algorithm in the code if students are familiar with Java grammar to some extent. In this paper, to further cultivate the code reading capability of students, we propose a concept of the value trace problem to ask the actual values of important variables in a code implementing some fundamental data structure or algorithm. A value trace problem can be generated by: 1) selecting a high-quality class code for the algorithm to be studied, 2) making the main class to instantiate the class in 1) if it does not contain the main method, 3) adding the functions to output variable values in questions into a text file, 4) preparing the input file to the code in 3) if necessary, 5)running this code to obtain the set of variable values in the text file, 6) blanking some values from the text file to be filled by students, and 7) uploading the final code, the blanked text file, and the correct answer file into the JPLAS server, and adding the brief description on the algorithm for a new assignment. To verify the feasibility of this concept, we manually generated five problems and asked four students with high Java programming skills in our group to solve them. Then, we analyzed the difficulty of the value trace problem for Quick Sort.

Web-based Virtual Labs

Abstract: This paper presents three novel open, web-based, virtual laboratories for Physics. The labs are open, meaning they embody a complete Physics micro-world that implements all necessary Physics laws in algorithmic format. They run in real time and are deployed as Java applets, in order to be accessible via the World Wide Web, with minimum requirements on the client side. Additionally, the labs present a number of features, highly desirable for virtual labs, such as photorealistic graphics, direct manipulation, user friendliness, multiple visualizations of the experiments and the corresponding phenomena and multiple measuring instruments. Finally we present the main design principles on which the development of the labs were based and we propose good practices that can help the acceptance from the science teachers’ community and the more effective way of implementation into the class situation.

Formal Certification of Non-interferent Android Bytecode (DEX Bytecode)

Abstract: The Android operating system is now used in the majority of mobile devices. Each application in Android runs in an instance of the Dalvik virtual machine, which is a register-based virtual machine (VM). Most applications for Android are developed using Java, compiled to Java bytecode and then translated to DEX bytecode using the dx tool in the Android Software Development Kit. In this work, I aim to develop a type-based method for certifying non-interference properties of DEX bytecode, following a methodology that has been developed for Java bytecode certification by Barthe et al. To this end, I develop a formal operational semantics of the Dalvik VM, a type system for DEX bytecode, and prove the soundness of the type system with respect to a notion of non-interference. I then study the translation process from Java bytecode to DEX bytecode, as implemented in the dx tool in the Android SDK. I show that an abstracted version of the translation from Java bytecode to DEX bytecode preserves the non-interference property. More precisely, I show that if the Java bytecode is typable in Barthe et al's type system (which guarantees non-interference) then its translation is typable in our type system. This result opens up the possibility to leverage existing bytecode verifiers for Java to certify non-interference properties of Android bytecode.

Improving Precision of Java Script Program Analysis with an Extended Domain of Intervals

Abstract: Interpretation has been a promising approach for static analysis of Java Script programs. Static analysis is used for security auditing, debugging, optimization and error checking. Java Script is dynamically typed, uses prototype-based inheritance and first class functions. It supports reflective calls, access to object fields and allows object fields to be dynamically added and deleted. These dynamic features make Java Script flexible to use. At the same time, they make Java Script applications more susceptible to programming errors. The challenge that comes with the analysis of such programs is the design of abstract domains that will precisely track properties of interest without affecting performance. This paper presents our work on improving analysis precision of Java Script programs. We used an extended domain of intervals to track ranges of numeric values of variables. This is the first time interval domain has been applied to the analysis of the full Java Script language. We implemented the new abstract domain within a Java Script abstract interpreter. Our experiments show that the new abstract domain enables the abstract interpreter to infer more precise type information for most of the benchmark programs and strikes a good balance between analysis precision and cost. While the analysis of some benchmarks take more time as expected, some other benchmarks actually take less time.

Virtual laboratory platform for computer science curricula

Abstract: Experimenting in computer science course is challenging due to the limitation of site, equipment and special experiment tools. In this paper, based on the analysis of the experiments features of computer science curricula, such as, Principle of Computer Organization, Digital Image Process, Digital Signal Process etc., we design two kinds of virtual lab platforms and develop corresponding virtual lab systems for the courses in computer science curricula. In the first virtual lab, every experiment instrument in real lab is visualized as a Java component. In the other kind of virtual lab, the algorithm students learn in the course is packed as a Web Service component by C, C++ or Java. In both platforms, those components are listed in the system. Students is able to select Java components or Web Service components as the experiment they want to do need and integrate them by building connections between them. Then, the students can set input for the experiment in the input component. After click the button of rum, the result will be display for the students in the platform. In the two kinds of virtual lab, students can also write the code in the platform. After it is submitted, those codes will be transferred as a component by the platform and be added in the component list. Then they can use them as the components provide by the platform. So, they can test if the algorithm they write is correct. Both platforms are developed by Java Applet and can be run by a browse. By using our system, students can experiment at any time and any place via the Internet. Teacher is also able to do experiment in the classroom. Base on the platforms, 6 virtual lab systems have been developed and used by more than 5 universities in China. Those virtual lab systems have been received favorably by teachers and students.

Self-Assessment Web Tool for Java Programming

Abstract: Self-assessment capabilities, that enables the student to have an insight on his own learning process, are a very desirable skill on any higher education student. It is even more important for transnational students as it allows them to successfully adapt to their new international learning environment. Present work proposes an online tool to help computer science students to develop their self-assessment skills while learning Java programming. It consists on a plug-in for the widely popular Moodle learning management system to work with source code for the Java programming language. The developed plug-in lets students to upload source files, analyzes the code and presents a report to the student using industry standard tools. The report includes both errors, points of improvement and a general comparison with the rest of his classmates, from the software quality standpoint. This way, the student is provided with a framework against to which compare the correctness of the solution he/she has programmed before it is delivered to the teacher for evaluation. The teacher is able to access all this information too, facilitating an insight of how the class, as well as individual students, is progressing. It is expected that the shortening on the classical loop of the student problem solution and teacher feedback will enhance the student self-awareness and will improve his overall performance in programming courses.

Method and system for detecting intelligent card in cross-platform way

Abstract: The embodiment of the invention provides a method and a system for detecting an intelligent card in a cross-platform way, which can solve the technical problems that a control only can be run on an internet explorer browser of a windows platform and then the compatibility of the control and the internet explorer browser is poor, and can avoid the technical problems that the safety is low due to the bug of the windows system The method for detecting the intelligent card in the cross-platform manner comprises the following steps: acquiring an intelligent card detection instruction, and calling a Java Applet by virtue of the browser; calling a card reader dynamic link base by virtue of the Java Applet, and transmitting the detection instruction to the intelligent card; acquiring a result for executing the detection instruction returned by the intelligent card by virtue of the network By adopting the method and system, the compatibility of the intelligent card detection system can be improved, and the safety of the operation system can be improved