Renée Bäcker - Java Security in multi-user-systems.

Security is a very important topic in Information Technology. Applications are often 
target of attackers. For this reason applications have to be analysed and vulnerabilities 
have to be checked. After these analyses vulnerabilities have to be cleared.

The topic of the paper of Renée Bäcker is the platform SicAri, which should allow 
ubiquitous internet access. This paper is structured in three main topics: The first 
block contains basic principles of security. It is about general objectives and special 
security mechanisms of the programming language Java. The second main part deals with 
the platform SicAri and its components. It is primarily about the implemented security 
mechanisms. For the security analysis and the checks for vulnerabilities it was looked 
at the bootstrapping-operation of SicAri. The results of the analysis and how the 
vulnerabilities are cleared is topic in the third part of the bachelor thesis.

This paper intensively deals with the bootstrapping-operation of SicAri. The SicAri 
main components are saved in a JAR archive. When the platform is started it must be 
checked if the archive is corrupted or not. For this check a tool was developed, because 
Java has a bug which does allow saving unsigned files in a signed JAR-archive; and these 
unsigned files are then identified as signed. Furthermore services were determined which 
are necessary for the start. With this an attacker can not change these special services 
any more. Additionally every action in SicAri now takes place in user context. This was 
not the case before:
The old version only started specified actions - e.g. starting a service - in the context 
of the logged on user. All other actions ran without any context.