Talk: Is Java Secure?

Talk: Is Java Secure?
By: Dr. Gary McGraw, Reliable Software Technologies Corporation, VA.
Sponsor: U of A ACM
When: 2:30pm Friday, March 7, 1997
Where: Union Theater
Who: Everyone is Welcome

Is Java Secure?

Did you know that whenever you surf the Web with Netscape Navigator or Microsoft Internet Explorer you are probably using Java? Java allows Web users to automatically download and run platform-independent code from all over the world on their own machines---sometimes without even knowing it. Java realizes many of the promises of object oriented, reusable code that no longer requires laborious porting efforts to cross platform boundaries. As such, Java provides an important paradigm shift in computing. However, together with the exciting benefits of Java come some dangers. It is critical that Java performs in a secure fashion---something that its designers tried to ensure. How did they do it? How successful were they? Do the benefits of Java outweigh the risks? This talk introduces and discusses the current Java security model (touching on some of Java's famous security flaws) as well as hinting at future improvements.

Gary McGraw, Ph.D. is a research scientist at Reliable Software Technologies Corporation ( (http://www.rstcorp.com/~gem). He holds a dual PhD in Cognitive Science and Computer Science from Indiana University and a BA in Philosophy from UVa. Dr. McGraw is a noted speaker and author on Java security. He recently completed a book, Java Security: Hostile Applets, Holes, & Antidotes (John Wiley and Sons, 1996), with Professor Ed Felten of Princeton University. McGraw and Felten also collaborated with MindQ (http://www.mindq.com) to produce the Java Security CD-ROM. Besides his books, Dr. McGraw's research in Cognitive Science and Software Engineering has resulted in over thirty technical publications. His recent DARPA-funded research focuses on software security, specifically the application of fault-injection and dynamic analysis to security assessment. Dr. McGraw is also a principle investigator for the National Science Foundation (grant number DMI-9661393) studying the application of genetic algorithms to software test case generation. Dr. McGraw is a member of the AAAI, the Cognitive Science Society, and the IEEE. He serves on the editorial board of the Journal of Experimental and Theoretical Artificial Intelligence (JETAI).

Additionally, Dr. McGraw will be interviewing prospective employees. Arrangements can also be made for persons interested in meeting and speaking with Dr. McGraw.

For more information or to make interview or meeting arrangements, contact:

Stacy Dakan (sdakan@comp.uark.edu),
Science-Engineering 232,
(501) 575-6427.

Date posted: February 26, 1997
Last update: Wednesday, 26-Feb-1997 15:04:31 CST