Date of Award
Honors Thesis (Open Access)
Colby College. Computer Science Dept.
Dale J. Skrien
Secure software is the responsibility of every developer. To help developers with this responsibility, there are many automated source code security auditors. These tools perform a variety of functions, from finding calls to insecure functions to detecting poorly generated random numbers. These programs have existed for years and perform the security audit with varying degrees of success.
Largely missing in the world of programming is such a security auditor for the Java programming language. Currently, Fortify Software produces the only Java source code security auditor; this is a commercially available package.
This void is what inspired JeSS, a Java Security Scanner for Eclipse. JeSS is an open source, extensible program that statically analyzes source code for possible security bugs. To tightly couple JeSS with the software development process, JeSS was developed as a plug-in for the Eclipse Integrated Development Environment.
Eclipse is an open source Integrated Development Environment (IDE) developed by IBM. Eclipse is widely used by developers in both educational and commercial settings. The Eclipse IDE was picked for JeSS because of this widespread use, its publicly available source code, and easy extensibility.
JeSS plugs into the Eclipse user interface, using the standard widgets found in the development environment. The integration with the IDE and the use of standard conventions within the environment make JeSS a tool that is easy to use throughout the development process.
Security, Java, Source code security auditor, Eclipse Integrated Development Environment
Recommended Citation: Spitler, Russell, "JeSS – a Java Security Scanner for Eclipse" (2005). Honors Theses. Paper 567.
Colby College theses are protected by copyright. They may be viewed or downloaded from this site for the purposes of research and scholarship. Reproduction or distribution for commercial purposes is prohibited without written permission of the author.
Supplemental content: JeSS_SpitlerR_2005.zip (1858 kB)