Sciweavers

ACSAC
2004
IEEE

.NET Security: Lessons Learned and Missed from Java

14 years 4 months ago
.NET Security: Lessons Learned and Missed from Java
Many systems execute untrusted programs in virtual machines (VMs) to limit their access to system resources. Sun introduced the Java VM in 1995, primarily intended as a lightweight platform for execution of untrusted code inside web pages. More recently, Microsoft developed the .NET platform with similar goals. Both platforms share many design and implementation properties, but there are key differences between Java and .NET that have an impact on their security. This paper examines how .NET's design avoids vulnerabilities and limitations discovered in Java and discusses lessons learned (and missed) from Java's experience with security.
Nathanael Paul, David Evans
Added 20 Aug 2010
Updated 20 Aug 2010
Type Conference
Year 2004
Where ACSAC
Authors Nathanael Paul, David Evans
Comments (0)