Electronic systems and circuits have made a significant contribution towards the advancement of modern society and are utilized in a number of applications to achieve advantageous results. Numerous electronic technologies such as digital computers, calculators, audio devices, video equipment, and telephone systems have facilitated increased productivity and reduced costs in analyzing and communicating information in most areas of business, science, education and entertainment. Systems providing these advantageous results often involve information processing activities that depend upon accurate and reliable process steps or instructions. However, maintaining confidence that the instructions are secure and reliable can be difficult and is often problematic.
Numerous electronic devices include processors that operate by executing programs comprising a series of instructions. These programs and their series of instructions are typically referred to as software. Software instructions include directions that guide processor device functions in the performance of useful tasks. The software code is often expressed in different configurations or languages. Source code is usually expressed in one manner and compiled into a different expression. For example, emulation or virtual language (e.g., Java) source code is typically compiled into bytecode.
There can be significant differences between different types of code expression. Emulation languages (e.g., Java) typically offer flexible programming advantages. Emulation language code is usually more portable and mobile between system platforms than code that is native to a particular single platform. However, native languages usually offer significant potential performance advantages. For example, native languages can usually be optimized for particular system hardware architectures (e.g., an embedded processor) in a manner that significantly increases capability and speed. Native languages also often permit implementation of specialized functionality or features (e.g., utilization of embedded system functionality and features).
Java is one example of a high level emulation language that offers significant advantages over native languages. Java characteristics of platform independence, security, and network mobility make it particularly suitable for emerging distributed network computing environments. A Java program typically runs on a Java platform that interacts with the underlying computer system resources through application program interfaces (APIs). Since there is significant diversity of interfaces available for interacting between a Java program and various underlying operating systems, Java is relatively platform independent. This enables Java to be an effective language for distributed or network environment programming without the need for extensive specialized adaptation to the variety of devices potentially included in a network system.
Although many of Java's characteristics are desirable, Java performance may not be optimal for a particular application. For example, instructions in Java language sometimes take longer to process than code in a native language. In some instances this can be overcome or at least mitigated by having a Java “call” to native language code (e.g., native language methods or subroutines). For example, native language methods can be utilized to speed up performance of time critical code, utilizing legacy system data, and/or accessing features of an underlying host platform that are otherwise unaccessible in Java. However, calling native language files can be problematic. Traditional Java security is primarily focused at the class file level and not the native language level. For example, conventional Java security usually focuses on protecting the “borders” of “trusted” class libraries by preventing “untrusted” classes from pretending to be trusted, but it did not address the corruption of native language files associated with the “interior” attributes or methods of a “trusted” class. Historically, a call to a native language file bypasses the protection of traditional Java security sandboxes and security managers.
Native language files are not usually protected by intrinsic security features. Corrupted native language can easily overcome security features of Java when native language code files are called by a Java class if the native language code file has been corrupted. Native language files can be particularly troublesome if corrupted (e.g., bits altered by a malicious user, virus, etc.) because they are closer to and permit deeper penetration into the operating system. For example, native code usually has pointers and the pointers can be altered to point to an incorrect address. Malicious alteration of native code can result in overwriting a memory block with “bad” data, cause a buffer to overflow and/or include a virus. The occurrence of Java applications having calls to native methods communicated in a network environment further exacerbates the security problems since networks are usually prolific targets of security attacks. For example, it is usually convenient to download native code associated with printer drivers over the Internet and if native code is altered before it is called by emulation code, undesirable and undetected consequences can occur (e.g., an instruction to print to a local secure printer can be altered to send duplicate copies to a remote unsecured printer, etc.).