Mobile Code Security on Destination Platform

2005 ◽  
pp. 1263-1270
Author(s):  
Changzheng Zhu ◽  
Zhaolin Yin ◽  
Aijuan Zhang
Keyword(s):  
Mobile Code ◽  
Mobile Code Security ◽  
Code Security

Mobile code security

2001 ◽  
Author(s):  
Srikumar Ramalingam
Keyword(s):  
Mobile Code ◽  
Mobile Code Security ◽  
Code Security

Enumeration Based Security Behavior Model Checking Algorithm

2010 ◽  
Vol 20-23 ◽  
pp. 808-813
Author(s):  
Hua Xiao Liu ◽  
Ying Jin
Keyword(s):  
Security Policy ◽  
Security Policies ◽  
Small Scale ◽  
Behavior Model ◽  
Mobile Code ◽  
Security Behavior ◽  
Mobile Code Security ◽  
Code Security ◽  
Behavior Models ◽  
Context Free

Model Carrying Code(MCC) provides a way to safe execution of untrusted code by taking both mobile code producer and consumers into consideration, where it checks mobile code security by comparing security related program behavior model with security policies. In this paper an enumeration based algorithm to checking security related behavior with respect to security policy has been given, where security behavior has been modeled as extended context free grammar and the security policy has been specified as extended FSA. Solutions to dealing with loops and recursions have been introduced. A program has been developed for implementing the algorithm, and several experiments have been done. It has been indicated that our algorithm can effectively check small scale security behavior models on the basis of simple security policies.

scholarly journals Scavenger - Mobile Remote Execution

2008 ◽  
Vol 37 (587) ◽  
Author(s):  
Mads Darø Kristensen
Keyword(s):  
Programming Language ◽  
Service Discovery ◽  
Mobile Service ◽  
Mobile Code ◽  
Remote Execution ◽  
Security Models ◽  
Mobile Code Security ◽  
Code Security ◽  
Execution Environment ◽  
Python Programming

<p>This report describes the design and implementation of a mobile, peerto- peer, remote execution system called Scavenger. A peer running Scavenger is capable of automatically discovering available, unused computing resources in its vicinity, and, by means of mobile code, utilising these resources to its own good.<br />Designing a system such as Scavenger a number of challenges are raised. In this report only the two main challenges are presented: service discovery and mobile code security.<br />Service discovery in a fixed network is a well-documented process, but mobile service discovery is less so. Scavenger assumes nothing about its operating environment—it may be executing services on stationary as well as mobile peers—and it therefore needs a highly flexible service discovery protocol.</p><p>When working with mobile code, security becomes paramount since peers are executing unknown (and thus untrusted) code. Scavenger uses the Python programming language for its mobile code, and Python does not, like for example Java, have any built-in security models that enable the user to sandbox a Python process. When using such an ”insecure” programming language in a mobile code setting, other means of securing the code must be employed. This report describes the development of such a safe execution environment where mobile Python may be executed in a secure manner.</p>

scholarly journals Java Mobile Code Security by Bytecode Analysis

1970 ◽  
Vol 1 (1) ◽  
pp. 30-39 ◽  
Author(s):  
Gaowei Bian ◽  
Ken Nakayama ◽  
Yoshitake Kobayashi ◽  
Mamoru Maekawa
Keyword(s):  
Information Flow ◽  
Flow Analysis ◽  
Additional Restriction ◽  
Mobile Code ◽  
Security Model ◽  
Code System ◽  
Host Security ◽  
Mobile Code Security ◽  
Security Properties ◽  
Code Security

Since mobile code can migrate from a remote site to a host and can interact with the resources and facilities of the host, security becomes the key to the success of mobile code computation. Existing mobile code security mechanisms such as access control are not able to fully address the import security properties of the host including confidentiality and integrity. And these practices tend to protect the host from potential attacks by confining the mobile code, thus will impair the function of mobile code. Information-flow policy is a technique that can ensure confidentiality, however the analysis of the information flow is practically difficult. This paper describes an innovative approach to provide Java mobile code system security by bytecode analysis. The key technique of the approach is the dependence analysis adapted to information flow analysis. A security model for mobile code system is also proposed in this paper. By this approach, two major properties of the host security– integrity and confidentiality can be protected while the additional restriction on mobile code can be greatly avoided. A prototype has been implemented, which can be applied to analyze Java class file, applet and mobile agent.

Sign in / Sign up

Export Citation Format

Share Document