ABSTRACT
Existing approaches for mobile code security tend to take a conservative view that mobile code is inherently risky, and hence focus on confining it. Such confinement is usually achieved using access control policies that restrict mobile code from taking any action that can potentially be used to harm the host system. While such policies can be helpful in keeping "bad applets" in check, they preclude a large number of useful applets. We therefore take an alternative view of mobile code security, one that is focused on empowering mobile code rather than disabling it. We propose an approach wherein highly expressive security policies provide the basis for such empowerment, while greatly mitigating the risks posed to the host system by such code. Our policies are represented as extended finite state automata (a generalization of finite-state automata that permits the use of variables), which can enforce these policies efficiently. We have built a prototype implementation of our approach for Java. Our implementation is based on rewriting Java byte code so that security-relevant events are intercepted and forwarded to the policy enforcement automata before they are executed. Early experimental results indicate that such expressive, enabling policies can be supported with low overheads.
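The abstract describes policies as extended finite state automata (EFSAs) fed with intercepted security-relevant events. The following is an added illustration, not the paper's code or its Java prototype: a minimal EFSA monitor in Python whose transitions carry guards and actions over variables, together with one constructed history-based policy (a bounded number of local file reads, network connections only to the first host contacted, and no network send once a local file has been read). The event names, the policy, and the event trace are all assumptions made for the example; in the paper's setting the rewritten bytecode would forward each event to such a monitor and abort the operation when the monitor rejects it.

```python
"""Added example: an extended finite state automaton (EFSA) policy monitor.

An EFSA is a finite automaton extended with variables; each transition has a
guard (predicate over the event and the variables) and an action (update of the
variables). The monitor advances only on enabled transitions and rejects any
event for which none is enabled, leaving the state unchanged.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple

Event = Tuple[str, ...]          # (event_name, *arguments)
Vars = Dict[str, object]         # the automaton's variables


@dataclass
class Transition:
    src: str                                   # source control state
    event: str                                 # event name this transition consumes
    guard: Callable[[Event, Vars], bool]       # enabled only if guard holds
    action: Callable[[Event, Vars], None]      # variable update on firing
    dst: str                                   # destination control state


@dataclass
class EFSA:
    transitions: List[Transition]
    state: str
    vars: Vars = field(default_factory=dict)

    def step(self, ev: Event) -> bool:
        """Consume one event. Return True (and advance) if some transition is
        enabled, else False: the event is rejected and the state is unchanged."""
        for t in self.transitions:
            if t.src == self.state and t.event == ev[0] and t.guard(ev, self.vars):
                t.action(ev, self.vars)
                self.state = t.dst
                return True
        return False


MAX_READS = 3  # constructed limit for the example policy


def build_policy() -> EFSA:
    """Constructed policy (assumption, not from the paper):
    - at most MAX_READS local file reads (counted in variable 'reads');
    - network connections only to the first host contacted (variable 'host');
    - no network send after a local file has been read (state 'tainted')."""
    def always(ev, v):
        return True

    def no_op(ev, v):
        pass

    def under_limit(ev, v):
        return v.get("reads", 0) < MAX_READS

    def count_read(ev, v):
        v["reads"] = v.get("reads", 0) + 1

    def same_host(ev, v):
        return "host" not in v or v["host"] == ev[1]

    def bind_host(ev, v):
        v.setdefault("host", ev[1])  # bind the variable on first connect

    transitions = [
        Transition("clean", "file_read", under_limit, count_read, "tainted"),
        Transition("tainted", "file_read", under_limit, count_read, "tainted"),
        Transition("clean", "net_connect", same_host, bind_host, "clean"),
        Transition("tainted", "net_connect", same_host, bind_host, "tainted"),
        Transition("clean", "net_send", same_host, no_op, "clean"),
        # Deliberately no net_send transition from 'tainted': once local data
        # has been read, sending over the network is rejected.
    ]
    return EFSA(transitions, "clean")


# Constructed event trace, standing in for events forwarded by rewritten bytecode.
TRACE: List[Event] = [
    ("net_connect", "origin.example"),   # allowed: binds host
    ("net_send", "origin.example"),      # allowed: clean state, same host
    ("net_connect", "other.example"),    # rejected: different host
    ("file_read", "/tmp/a"),             # allowed: reads=1, now tainted
    ("net_send", "origin.example"),      # rejected: send after local read
    ("file_read", "/tmp/b"),             # allowed: reads=2
    ("file_read", "/tmp/c"),             # allowed: reads=3
    ("file_read", "/tmp/d"),             # rejected: read limit reached
    ("net_connect", "origin.example"),   # allowed: same host, still tainted
]


def run(events: List[Event]) -> Tuple[List[bool], EFSA]:
    """Feed a trace through a fresh monitor; return the per-event decisions
    and the final monitor (for inspecting its state and variables)."""
    monitor = build_policy()
    decisions = [monitor.step(ev) for ev in events]
    return decisions, monitor


if __name__ == "__main__":
    decisions, monitor = run(TRACE)
    for ev, ok in zip(TRACE, decisions):
        print(f"{'allow' if ok else 'REJECT':7} {ev}")
    print("final state:", monitor.state, "vars:", monitor.vars)
```

Because the monitor checks each event before the operation proceeds, a rejection is the point at which the host would abort the call; the variables are what let one automaton express "only the host contacted first" and "at most N reads" without enumerating hosts or unrolling the counter into states.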
CITED BY 4
R. Sekar, V. N. Venkatakrishnan, Samik Basu, Sandeep Bhatkar, and Daniel C. DuVarney. Model-carrying code: a practical approach for safe execution of untrusted applications. In Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing, NY, USA.
Radha Jagadeesan, Will Marrero, Corin Pitcher, and Vijay Saraswat. Timed constraint programming: a declarative approach to usage control. In Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming, pp. 164-175, July 11-13, 2005, Lisbon, Portugal.
A. Prasad Sistla, V. N. Venkatakrishnan, Michelle Zhou, and Hilary Branske. CMV: automatic verification of complete mediation for Java virtual machines. In Proceedings of the 2008 ACM symposium on Information, computer and communications security, March 18-20, 2008, Tokyo, Japan.