Model-Carrying Code (MCC)

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Model-Carrying Code (MCC): a new paradigm for mobile-code security

Full text

Pdf (755 KB)

Source

New Security Paradigms Workshop archive
Proceedings of the 2001 workshop on New security paradigms table of contents

Cloudcroft, New Mexico

SESSION: Session 1: creative mathematics table of contents

Pages: 23 - 30

Year of Publication: 2001

ISBN:1-58113-457-6

Authors

R. Sekar	SUNY at Stony Brook, NY
C. R. Ramakrishnan	SUNY at Stony Brook, NY
I. V. Ramakrishnan	SUNY at Stony Brook, NY
S. A. Smolka	SUNY at Stony Brook, NY

Sponsor

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 4, Downloads (12 Months): 21, Citation Count: 8

Additional Information:

abstract references cited by index terms collaborative colleagues peer to peer

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/508171.508175 What is a DOI?

ABSTRACT

A new approach for ensuring the security of mobile code is proposed. Our approach enables a mobile-code consumer to understand and formally reason about what a piece of mobile code can do; check if the actions of the code are compatible with his/her security policies; and, if so, execute the code. The compatibility-checking process is automated, but if there are conflicts, consumers have the opportunity to refine their policies, taking into account the functionality provided by the mobile code. Finally, when the code is executed, our framework uses runtime-monitoring techniques to ensure that the code does not violate the consumer's (refined) policies.At the heart of our method, which we call model-carrying code (MCC), is the idea that a piece of mobile code comes equipped with an expressive yet concise model of the code's (security-relevant) behavior. The generation of such models can be automated. MCC enjoys several advantages over current approaches to mobile-code security. It protects consumers of mobile code from malicious or faulty code without unduly restricting the code's functionality. Also, it is applicable to the vast majority of code that exists today, which is written in C or C++. This contrasts with previous approaches such as Java 2 security and proof-carrying code, which are either language-specific or are limited to type-safe languages. Finally, MCC can be combined with existing techniques such as cryptographic signing and proof-carrying code to yield additional benefits.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	R Bowen, D Chee, M Segal, R Sekar, P Uppuluri, and T Shanbag. Building survivable systems: An integrated approach based on intrusion detection and confinement. In DARPA Information Security Symposium, 2000.
	2	E. M. Clarke , E. A. Emerson , A. P. Sistla, Automatic verification of finite-state concurrent systems using temporal logic specifications, ACM Transactions on Programming Languages and Systems (TOPLAS), v.8 n.2, p.244-263, April 1986 [doi>10.1145/5397.5399]
	3	B. Cui, Y. Dong, X. Du, K. Narayan Kumar, C. R. Ramakrishnan, I. V. Ramakrishnan, A. Roychoudhury, S. A. Smolka, and D. S. Warren. Logic programming and model checking. In Static Analysis Symposium. Springer Verlag, 1998.
	4	S Forrest, S Hofmeyr, and A Somayaji. Intrusion detection using sequences of system calls. Journal of Computer Security, 1998.
	5	Li Gong, Inside Java 2 platform security architecture, API design, and implementation, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1999
	6	Gerard J. Holzmann, The Model Checker SPIN, IEEE Transactions on Software Engineering, v.23 n.5, p.279-295, May 1997 [doi>10.1109/32.588521]
	7	K Jain and R Sekar. User-level infrastructure for system call interposition: A platform for intrusion detection and confinement. In ISOC Network and Distributed System Security, 2000.
	8	C Ko, G Fink, and K Levitt. Automated detection of vulnerabilities in privileged programs by execution monitoring. In Computer Security Application Conference, 1994.
	9	Robert P. Kurshan, Computer-aided verification of coordinating processes: the automata-theoretic approach, Princeton University Press, Princeton, NJ, 1994
	10	Charlie Lai , Li Gong , Larry Koved , Anthony Nadalin , Roland Schemers, User Authentication and Authorization in the Java(tm) Platform, Proceedings of the 15th Annual Computer Security Applications Conference, p.285, December 06-10, 1999
	11	R. Milner, Communication and Concurrency, Prentice-Hall, Inc., Upper Saddle River, NJ, 1989
	12	George C. Necula, Proof-carrying code, Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.106-119, January 15-17, 1997, Paris, France [doi>10.1145/263699.263712]
	13	George C. Necula , Peter Lee, The design and implementation of a certifying compiler, Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation, p.333-344, June 17-19, 1998, Montreal, Quebec, Canada
	14	Y. S. Ramakrishna , C. R. Ramakrishnan , I. V. Ramakrishnan , Scott A. Smolka , Terrance Swift , David Scott Warren, Efficient Model Checking Using Tabled Resolution, Proceedings of the 9th International Conference on Computer Aided Verification, p.143-154, June 22-25, 1997
	15	Fred B. Schneider, Enforceable security policies, ACM Transactions on Information and System Security (TISSEC), v.3 n.1, p.30-50, Feb. 2000 [doi>10.1145/353323.353382]
	16	C. R. Ramakrishnan , I. V. Ramakrishnan , Scott A. Smolka , Yifei Dong , Xiaoqun Du , Abhik Roychoudhury , V. N. Venkatakrishnan, XMC: A Logic-Programming-Based Verification Toolset, Proceedings of the 12th International Conference on Computer Aided Verification, p.576-580, July 15-19, 2000
	17	Abhik Roychoudhury , C. R. Ramakrishnan , I. V. Ramakrishnan, Justifying proofs using memo tables, Proceedings of the 2nd ACM SIGPLAN international conference on Principles and practice of declarative programming, p.178-189, September 20-23, 2000, Montreal, Quebec, Canada [doi>10.1145/351268.351290]
	18	R. Sekar , M. Bendre , D. Dhurjati , P. Bollineni, A Fast Automaton-Based Method for Detecting Anomalous Program Behaviors, Proceedings of the 2001 IEEE Symposium on Security and Privacy, p.144, May 14-16, 2001
	19	R. Sekar and P. Uppuluri. Synthesizing fast intrusion prevention/detection systems from high-level specifications. In USENIX Security Symposium, 1999.
	20	David Wagner , Drew Dean, Intrusion Detection via Static Analysis, Proceedings of the 2001 IEEE Symposium on Security and Privacy, p.156, May 14-16, 2001
	21	XSB. The XSB tabled logic programming system. Available from http://xsb.sourceforge.net.

CITED BY 8

	Sanna Tuohimaa , Ville Leppänen, A compact aspect-based security monitor for J2ME applications, Proceedings of the 2007 international conference on Computer systems and technologies, June 14-15, 2007, Bulgaria
	Vivek Haldar , Christian H. Stork , Michael Franz, The source is the proof, Proceedings of the 2002 workshop on New security paradigms, September 23-26, 2002, Virginia Beach, Virginia
	An Approach for Secure Software Installation, Proceedings of the 16th USENIX conference on System administration, November 03-08, 2002, Philadelphia, PA
	Carla Marceau , Rob Joyce, Empirical privilege profiling, Proceedings of the 2005 workshop on New security paradigms, September 20-23, 2005, Lake Arrowhead, California
	V. N. Venkatakrishnan , Ram Peri , R. Sekar, Empowering mobile code using expressive security policies, Proceedings of the 2002 workshop on New security paradigms, September 23-26, 2002, Virginia Beach, Virginia
	Ben Breech , Lori Pollock, A framework for testing security mechanisms for program-based attacks, ACM SIGSOFT Software Engineering Notes, v.30 n.4, July 2005
	Terri Oda , Glenn Wurster , P. C. van Oorschot , Anil Somayaji, SOMA: mutual approval for included content in web pages, Proceedings of the 15th ACM conference on Computer and communications security, October 27-31, 2008, Alexandria, Virginia, USA
	Yasuyuki Tsukada, Interactive and Probabilistic Proof of Mobile Code Safety, Automated Software Engineering, v.12 n.2, p.237-257, April 2005

INDEX TERMS

General Terms:
Security

Keywords:
information assurance, mobile code security

Collaborative Colleagues:

R. Sekar: colleagues

C. R. Ramakrishnan: colleagues

I. V. Ramakrishnan: colleagues

S. A. Smolka: colleagues

Peer to Peer - Readers of this Article have also read:

Inferring constraints from multiple snapshots ACM Transactions on Graphics (TOG) 12, 4
David Kurlander , Steven Feiner
Data structures for quadtree approximation and compression Communications of the ACM 28, 9
Hanan Samet
A hierarchical single-key-lock access control using the Chinese remainder theorem Proceedings of the 1992 ACM/SIGAPP Symposium on Applied computing
Kim S. Lee , Huizhu Lu , D. D. Fisher
The GemStone object database management system Communications of the ACM 34, 10
Paul Butterworth , Allen Otis , Jacob Stein
Putting innovation to work: adoption strategies for multimedia communication systems Communications of the ACM 34, 12
Ellen Francik , Susan Ehrlich Rudman , Donna Cooper , Stephen Levine

Adobe Acrobat

QuickTime

Windows Media Player

Real Player