Jalapa is an extension to the security model of Java, that allows for specifying, analysing and enforcing history-based usage policies. Programmers can sandbox an untrusted piece of code with a policy, enforced at run-time through its local scope.
The following documentation is available about Jalapa:
- a tutorial on the installation and use of Jalapa.
- a specification of the syntax and semantics of usage policies.
- the manual page of the Jisel bytecode rewriter, that defines its command-line syntax
The following publications describe the underlying theory of Jalapa:
- Securing Java with Local Policies - in Formal techniques for Java-like programs, 2008
- Model checking usage policies - in Trustworthy Global Computing, 2008
Code modifications must be done through the Subversion repository. You can check out the repository through svn as follows:
svn co https://jalapa.svn.sourceforge.net/svnroot/jalapa jalapa
Jalapa can be run by any Java Runtime Environment, starting from version 1.5.