A research of Java type-safety

 

Yuhong Cai

 

Computer science department, University of Auckland

ycai003@ec.auckland.ac.nz

 

Abstract

 

With java becoming one of the most preferred platforms for internet-savvy mobile code, Java security is more important than ever. In the Java security architecture, type-safety is the most essential cornerstone. Although Java designers have done good work to enforce type-safety, Java is still not so type-safe as it should be. Bugs, flaws and weaknesses have been found in various Java systems, and more problems are yet to be found. In this paper, I’ll review the enforcement of java type-safety, present some known type-confusion bugs, and analyze the possible reasons for weaknesses in Java type-safety.

 

Keywords: type-safety, type-confusion, bytecode, verifier