It’s been four days since I started working with Eclipse plugins and I finally have my first useful plugin. It’s useful for my research purposes and hopefully for a small audience interested in my work. It might also be useful for those trying to learn how to write Eclipse plugins because I’ll soon be writing a tutorial on how I put this thing together from scratch (inshallah).

For the time being though, enjoy the screenshot.

Update: fixed the plugin with a new ‘View’. It now operates much better with a separate view for the output and controls. Also added is a ‘Hierarchy’ view for viewing the policy in a nice tree structure.

This tutorial is about flashing your Android Developer Phone 1 with your own custom build. It will provide a concise description of steps involved along with a special portion on how to port Google’s apps on your custom build. I found that particularly troublesome with little help on the Internet. So, that will be a bonus :)

First the disclaimer: This is for your Android Dev Phone 1 (ADP1). If you’re using T-Mobile’s SIM/firmware locked phone, stop. This tutorial is not for you. If you’re using ADP1, proceed at your own risk. You may brick your phone if you do something wrong and I shall not be held responsible for it. Finally, you might want to back up your factory-provided image. I don’t think it’s really necessary because you can just flash it again using the HTC provided images.

So, here is how it’s done:


We received our Google Android Dev Phone 1 yesterday and immediately ran into trouble. We don’t have a supported carrier here and we couldn’t get our own carriers to work with Android because we didn’t have the APN information. Android’s distro that comes bundled into the Dev Phone won’t let you in without an APN though. You get a “SIM not found” message and you can’t do anything other than dial an emergency number. So, after searching for a while, I found some useful tips for getting around the problem.

First, you need to plug in your phone through the provided USB. If you’re running XP, the device will probably not be recognized. (It wasn’t for me.) So, download the Android phone driver here (or here) and install it when XP asks to search for a driver. (Thanks to anddev for this information.) After that, get the Android SDK from here. Go to command prompt and navigate to the tools directory in the SDK. Then execute these commands.

adb shell
su
cd /data/data/com.android.providers.settings/databases
sqlite3 settings.db
INSERT INTO system (name, value) VALUES ('device_provisioned', 1);
.exit
reboot

Once the device finishes rebooting,

adb shell
am start -a android.intent.action.MAIN -n com.android.settings/.Settings

Many thanks to Android Tricks for writing this tip.

Update 1: The Android SDK ships with the latest version of the Windows Android phone driver. You can find it in $ANDROID_SDK_HOME/usb_driver. So, you don’t need to download the driver using the links provided above.

Update 2: To get the Android device to work on Ubuntu 9.04 Jaunty Jackalope, you need to perform the following steps:

  1. sudo nano /etc/udev/rules.d/51-android.rules
  2. Add this line to the file: SUBSYSTEM=="usb", ATTRS{idVendor}=="0bb4", MODE="0666"
    (You can get the 0bb4 value from lsusb for High Tech Corporation (i.e. HTC) if you work with a different phone)
  3. sudo chmod a+rx /etc/udev/rules.d/51-android.rules
  4. sudo /etc/init.d/udev restart
  5. adb devices (to see the device)

For those who are interested in the activities of SERG but can’t come over to the end of the world (Phase 7 in Hayatabad), here’s a resource that you might benefit from. Video lectures of workshops conducted by SERG members are being uploaded online on different services. These will invariably be free and you can view them online if you have a reasonable internet connection. See the list here.

Disclaimer: This is not a how-to for implementing security frameworks. It will focus on the research aspects of Java Security Managers. If you need to find out how to implement the code, follow some of the references.

The Java SE platform provides a solid security framework. Aside from the cryptography libraries and Java Cryptography Extension (JCE) specification, it includes an important feature, called Security Managers, which enables a program writer (or the user) to specify the security constraints for a program.

Every call to the system resources goes through the Java Virtual Machine (JVM). The VM includes hooks, which call a Security Manager and request a decision regarding system resource calls. These calls include reading and writing files, opening sockets and listening to ports. The assigned security manager reads the security policy and decides whether the system call should be allowed. If the call is to be granted, the security manager simply returns a value (the nature of which is not important). If it is not to be allowed, a security exception is thrown, which signifies the denial of the call.
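The allow-by-returning, deny-by-throwing contract described above, as an added example that is not code from the original post. The class name, the /tmp/sandbox policy and the sample paths are assumptions; it targets Java 8 to 17 (where SecurityManager is available, deprecated from 17) and calls the hook method checkRead directly instead of installing the manager.

```java
import java.io.FilePermission;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.Permission;

// Hypothetical policy: file reads are allowed only below one directory.
// When a manager is installed, FileInputStream calls checkRead(name) on it before opening.
public class SandboxReadManager extends SecurityManager {
    private final Path allowedRoot;

    public SandboxReadManager(String allowedDir) {
        this.allowedRoot = Paths.get(allowedDir).toAbsolutePath().normalize();
    }

    @Override
    public void checkPermission(Permission perm) {
        if (!(perm instanceof FilePermission) || !perm.getActions().contains("read")) {
            return; // not a file read: this toy policy has no opinion, so allow
        }
        // Normalize first so "../" segments cannot step out of the sandbox.
        Path target = Paths.get(perm.getName()).toAbsolutePath().normalize();
        // Path.startsWith compares whole name elements, so "/tmp/sandbox-old"
        // is not mistaken for a child of "/tmp/sandbox".
        if (!target.startsWith(allowedRoot)) {
            throw new SecurityException("read denied: " + target);
        }
        // Returning normally is the "granted" answer; the return value carries nothing.
    }

    // Plays the role of the JVM hook: ask the manager, translate the outcome.
    static String decide(SecurityManager sm, String file) {
        try {
            sm.checkRead(file); // default implementation delegates to checkPermission
            return "ALLOW";
        } catch (SecurityException e) {
            return "DENY (" + e.getMessage() + ")";
        }
    }

    public static void main(String[] args) {
        SecurityManager sm = new SandboxReadManager("/tmp/sandbox");
        String[] requests = { // constructed sample requests
            "/tmp/sandbox/report.txt", "/tmp/sandbox/../../etc/passwd",
            "/tmp/sandbox-old/notes.txt", "/etc/passwd" };
        for (String file : requests) {
            System.out.println(file + " -> " + decide(sm, file));
        }
    }
}
```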


Regarding the paper titled “A Virtual Machine Based Information Flow Control System for Policy Enforcement” by Nair et al.

Nair et al. present an information flow control system which addresses the issue of implicit information flows using an extension of the Kaffe JVM. The system, Trishul, is implemented by extending the Java stack and heap structures. The resulting framework is capable of dynamically assigning labels to objects and propagating these labels based on information and control flow. Label or “taint” propagation is based on the lattice-based information flow model by Denning.
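A small model of lattice-based label propagation, covering both an explicit flow and an implicit (control-flow) one. This is an added illustration, not Trishul's code: labels are modelled as sets of source tags (a powerset lattice whose join is set union), and all class, method and tag names are assumptions.

```java
import java.util.Collections;
import java.util.Set;
import java.util.TreeSet;

public class TaintLatticeDemo {
    // A value plus its label: the set of sensitive sources that influenced it.
    static final class Labeled {
        final int value;
        final Set<String> label;
        Labeled(int value, Set<String> label) { this.value = value; this.label = label; }
    }

    // Least upper bound in the powerset lattice is set union.
    static Set<String> join(Set<String> a, Set<String> b) {
        Set<String> lub = new TreeSet<>(a);
        lub.addAll(b);
        return lub;
    }

    static Labeled tainted(int value, String source) {
        return new Labeled(value, new TreeSet<>(Collections.singleton(source)));
    }

    // Explicit flow: the result depends on both operands, so it carries both labels.
    static Labeled add(Labeled x, Labeled y) {
        return new Labeled(x.value + y.value, join(x.label, y.label));
    }

    // Implicit flow: only constants are assigned, but the condition decides which,
    // so its label taints the result whether or not the branch is taken.
    static Labeled isPositive(Labeled cond) {
        int result = 0;
        if (cond.value > 0) { result = 1; }
        return new Labeled(result, new TreeSet<>(cond.label));
    }

    // A sink accepts a value only if its label is below the sink's clearance.
    static boolean mayFlowTo(Labeled v, Set<String> clearance) {
        return clearance.containsAll(v.label);
    }
    public static void main(String[] args) {
        Labeled pin = tainted(4711, "pin");                // constructed secret
        Labeled counter = new Labeled(1, new TreeSet<>()); // untainted value
        Set<String> network = new TreeSet<>();             // public sink: empty clearance
        System.out.println("counter     -> " + mayFlowTo(counter, network));
        System.out.println("pin+counter -> " + mayFlowTo(add(pin, counter), network));
        System.out.println("pin>0 flag  -> " + mayFlowTo(isPositive(pin), network));
    }
}
```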

I have joined the Java Community Process (JCP) which is a platform for creation, review and approval of Java specifications in the form of Java Specification Requests (JSRs). My motivation is to participate in JSR321 “Trusted Computing”. The official description is as follows:

“The Trusted Computing Group developed a standard API for accessing Trusted Computing functionality from applications, the Trusted Software Stack (TSS). The TSS is targeted at applications written in the C-language. To make use of TC-functionality from Java, two groups have developed prototype solutions:

  • MIT CSAIL has developed TPM/J, an object-oriented API using Java for low-level access to the TPM.
  • IAIK, Graz University of Technology has developed the jTSS-Wrapper, a Wrapper making standard TSS implementations accessible from Java, and also jTSS, a native implementation of the TCG Software Stack.

The TSS-based activities followed the C-Specifications of the TCG, the resulting API obviously is not ideal for the Java world. The proposed JSR is to develop a Trusted Software Stack for Java providing comparable functionality the TSS offers to the C world.”

In simple words, the JSR aims to create a new Java namespace called javax.trustedComputing for the Java SE/EE platforms. See more about the JSR at: https://jsr321.dev.java.net/

I have been added to the JSR Expert Group on dev.java.net and await the completion of my agreement with Sun for formal induction in the JSR at JCP.

Updates

June 15, 2008

It’s been a while since I wrote something abstract here. I hardly get the time to write something that’s not a paper or part of a (research) proposal. I’m writing this now because of one reason: I’m looking for people who can work with me. Because I’m not teaching full-time, I can’t find students who’d commit to work with me. So, I’m floating some ideas. If you think you might be interested in working on them with me, mail me (or comment here).

  1. I’ve worked on “common sense and folksonomy” for some time now. This work is in the background now that I’m working on security but I still have quite a few ideas which can not only be researched but also implemented and tested. So, this can be useful if you’re looking for some work related to web search or collaborative systems.
  2. Usage control: This is what I’m focusing on nowadays. Usage control deals with access decisions on a client platform. Imagine a scenario where you release some artwork to your agent. The agent can pass the artwork to others but only art galleries can view the image. You can also restrict the usage to a certain amount of time or to a number of views. This seems like Digital Rights Management but it’s much more than that; it’s also especially relevant to systems like those involved in e-government – an area where Pakistan needs a vast human resource.
  3. Remote Attestation: This is an extremely rich field of security. An important aspect of Trusted Computing, remote attestation deals with the questions: “can the remote platform be trusted?”, “will it behave in the future as I expect it to?” and “is there any software on the remote platform which can misuse my resources?”. Put remote attestation and usage control together and you have one air-tight security mechanism. My work in this area goes beyond just theoretical research. I’ve done some practical implementations and I have a few ideas about how to proceed.

All these areas have lots of work in them. What’s needed is some human resource to do the work!

I’ve been in Dublin City University (DCU) for two days waiting for the conference to start. Today was the first day. We had a presentation from two guys from Carnegie Mellon University. The presentation, besides being very informative, was absolutely entertaining. Anyway, these guys conduct seminars (mostly small ones of two days) and I’ve persuaded them to do one in Peshawar. They have estimated the cost to around $12,000 which comes around to PKR. 7,00,000 — which isn’t much for universities. I’ll talk about this to concerned people when I get back to Pakistan.

I have to get back to the conference in 10 minutes, so more updates later.

HOLZ and Zeta

April 19, 2007

Installing HOLZ isn’t as easy as you may think it would be. After much effort, I’ve managed to do it and I thought I should post it here to save you guys some time.

First of all, install Isabelle2005 if you haven’t already.
Then, get zeta and install that using the provided installation classfile. It’s pretty straightforward.

The tricky part is installing HOLZ on top of it. Here’s what needs to be done:

  1. Read the Install file which comes with the HOLZ tarball. (Read the file carefully and make the configuration changes it asks you to.) 
  2. Try installing HOLZ.
  3. It shouldn’t work. (If it does, you don’t need to read this.) You will probably get a message saying, “Build failed”.
  4. Now, locate zeta.sty and put it in HOLZ/src/latex/. This file can be found in lib/latex subdir in the zeta installation directory.
  5. Modify IsaMakefile in HOLZ installation source directory and put a command to copy zeta.sty to the same target as the holz.sty. (You’ll understand what I’m saying when you open IsaMakefile in an editor.)
  6. Now, redo the isatool make command. It should work now.

Secondly, to install the Zeta Adaptor, here’s what needs to be done:

  1. Go to “zeta” subdirectory in HOLZ’s src directory,
  2. Do an “isatool make”.
  3. It will tell you where it’s put the just-installed holz adaptor jar.
  4. Now, go to zeta-1.5/bin where zeta-1.5 is your zeta installation directory
  5. vi zeta
  6. Modify to include the just copied jar.

More on how to get from zeta to Isabelle/HOLZ later. Stay tuned.
