Secure testing of Java programming exercises

Description

In many courses teaching computer-science related topics, programming

exercises play an important role – often using the language Java.

Oftentimes, feedback for these is given automatically by test code written

by the course instructors and in some cases, this automatic feedback even

influences the students’ final grade in the course. Because of this, it’s

critical that it’s not possible for students to achieve results illegitimately,

without actually solving the exercise at hand. This is a hard problem: It should

of course be impossible for students to influence test code – however, sometimes the

test code should even stay entirely hidden from students as it can contain

sensitive data, such as a complete list of all test cases or even a sample

solution. This is especially relevant for courses where test code is reused in

each iteration. There are existing solutions for this problem, but each has

some drawbacks – for example the use of Java features which have been

deprecated for removal. This thesis presents Charon, a framework which

uses Linux Namespaces through usage of Docker to securely isolate student-

submitted code from test code while staying completely transparent for

students and mostly transparent for exercise creators. In this way, Charon

attempts to enable secure and usable tests of Java programming exercises.

During evaluation of its performance, it showed an overhead of 1 μs to 5 μs

per call across the isolation boundary, depending on the context. Charon

was also tested in a real-world lecture, where it proved its

applicability and transparency for students.