Accession Number:

ADA465183

Title:

Comparing Java and .NET Security: Lessons Learned and Missed

Descriptive Note:

Journal article

Corporate Author:

VIRGINIA UNIV CHARLOTTESVILLE DEPT OF COMPUTER SCIENCE

Personal Author(s):

Report Date:

2006-01-01

Pagination or Media Count:

14.0

Abstract:

Many systems execute untrusted programs in virtual machines VMs to mediate their access to system resources. Sun introduced the Java VM in 1995, primarily intended as a lightweight platform for executing untrusted code inside web pages. More recently, Microsoft developed the .NET platform with similar goals. Both platforms share many design and implementation properties, but there are key differences between Java and .NET that have an impact on their security. This paper examines how .NETs design avoids vulnerabilities and limitations discovered in Java and discusses lessons learned and missed from experience with Java security.

Subject Categories:

  • Computer Programming and Software
  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE