Mobile Code and Security Issues

Mobile Computing ◽

10.4018/978-1-60566-054-7.ch196 ◽

2009 ◽

pp. 2568-2582

Author(s):

E. S. Samundeeswari ◽

F. Mary Magdalene Jane

Keyword(s):

Programming Languages ◽

Mobile Agents ◽

Rapid Evolution ◽

Just In Time ◽

Mobile Code ◽

Security Issues ◽

Code Mobility ◽

Complex Forms ◽

Cooperating Agents ◽

Execution Tracing

Over the years, computer systems have evolved from centralized monolithic computing devices supporting static applications, into client-server environments that allow complex forms of distributed computing. Throughout this evolution, limited forms of code mobility have existed. The explosion in the use of the World Wide Web, coupled with the rapid evolution of the platform- independent programming languages, has promoted the use of mobile code and, at the same time, raised some important security issues. This chapter introduces mobile code technology and discusses the related security issues. The first part of the chapter deals with the need for mobile codes and the various methods of categorising them. One method of categorising the mobile code is based on code mobility. Different forms of code mobility, like code on demand, remote evaluation, and mobile agents, are explained in detail. The other method is based on the type of code distributed. Various types of codes, like source code, intermediate code, platform-dependent binary code, and just-in-time compilation, are explained. Mobile agents, as autonomously migrating software entities, present great challenges to the design and implementation of security mechanisms. The second part of this chapter deals with the security issues. These issues are broadly divided into code-related issues and host-related issues. Techniques, like sandboxing, code signing, and proof-carrying code, are widely applied to protect the hosts. Execution tracing, mobile cryptography, obfuscated code, and cooperating agents are used to protect the code from harmful agents. The security mechanisms, like language support for safety, OS level security, and safety policies, are discussed in the last section. In order to make the mobile code approach practical, it is essential to understand mobile code technology. Advanced and innovative solutions are to be developed to restrict the operations that mobile code can perform, but without unduly restricting its functionality. It is also necessary to develop formal, extremely easy-to-use safety measures.

Download Full-text

Mobile Code and Security Issues

Web Services Security and E-Business ◽

10.4018/978-1-59904-168-1.ch004 ◽

2007 ◽

pp. 75-92

Author(s):

E. S. Samundeeswari ◽

F. Mary Magdalene Jane

Keyword(s):

Programming Languages ◽

Mobile Agents ◽

Rapid Evolution ◽

Just In Time ◽

Mobile Code ◽

Security Issues ◽

Code Mobility ◽

Complex Forms ◽

Cooperating Agents ◽

Execution Tracing

Over the years, computer systems have evolved from centralized monolithic computing devices supporting static applications, into client-server environments that allow complex forms of distributed computing. Throughout this evolution, limited forms of code mobility have existed. The explosion in the use of the World Wide Web, coupled with the rapid evolution of the platform-independent programming languages, has promoted the use of mobile code and, at the same time, raised some important security issues. This chapter introduces mobile code technology and discusses the related security issues. The first part of the chapter deals with the need for mobile codes and the various methods of categorising them. One method of categorising the mobile code is based on code mobility. Different forms of code mobility, like code on demand, remote evaluation, and mobile agents, are explained in detail. The other method is based on the type of code distributed. Various types of codes, like source code, intermediate code, platform-dependent binary code, and just-in-time compilation, are explained. Mobile agents, as autonomously migrating software entities, present great challenges to the design and implementation of security mechanisms. The second part of this chapter deals with the security issues. These issues are broadly divided into code-related issues and host-related issues. Techniques, like sandboxing, code signing, and proof-carrying code, are widely applied to protect the hosts. Execution tracing, mobile cryptography, obfuscated code, and cooperating agents are used to protect the code from harmful agents. The security mechanisms, like language support for safety, OS level security, and safety policies, are discussed in the last section. In order to make the mobile code approach practical, it is essential to understand mobile code technology. Advanced and innovative solutions are to be developed to restrict the operations that mobile code can perform, but without unduly restricting its functionality. It is also necessary to develop formal, extremely easy-to-use safety measures.

Download Full-text

Mobile Code and Security Issues

Electronic Business ◽

10.4018/978-1-60566-056-1.ch135 ◽

2009 ◽

pp. 2183-2197

Author(s):

E. S. Samundeeswari ◽

F. Mary Magdalene Jane

Keyword(s):

Programming Languages ◽

Mobile Agents ◽

Rapid Evolution ◽

Just In Time ◽

Mobile Code ◽

Security Issues ◽

Code Mobility ◽

Complex Forms ◽

Cooperating Agents ◽

Execution Tracing

Over the years, computer systems have evolved from centralized monolithic computing devices supporting static applications, into client-server environments that allow complex forms of distributed computing. Throughout this evolution, limited forms of code mobility have existed. The explosion in the use of the World Wide Web, coupled with the rapid evolution of the platform- independent programming languages, has promoted the use of mobile code and, at the same time, raised some important security issues. This chapter introduces mobile code technology and discusses the related security issues. The first part of the chapter deals with the need for mobile codes and the various methods of categorising them. One method of categorising the mobile code is based on code mobility. Different forms of code mobility, like code on demand, remote evaluation, and mobile agents, are explained in detail. The other method is based on the type of code distributed. Various types of codes, like source code, intermediate code, platform-dependent binary code, and just-in-time compilation, are explained. Mobile agents, as autonomously migrating software entities, present great challenges to the design and implementation of security mechanisms. The second part of this chapter deals with the security issues. These issues are broadly divided into code-related issues and host-related issues. Techniques, like sandboxing, code signing, and proof-carrying code, are widely applied to protect the hosts. Execution tracing, mobile cryptography, obfuscated code, and cooperating agents are used to protect the code from harmful agents. The security mechanisms, like language support for safety, OS level security, and safety policies, are discussed in the last section. In order to make the mobile code approach practical, it is essential to understand mobile code technology. Advanced and innovative solutions are to be developed to restrict the operations that mobile code can perform, but without unduly restricting its functionality. It is also necessary to develop formal, extremely easy-to-use safety measures.

Download Full-text

Non-disclosure for distributed mobile code

Mathematical Structures in Computer Science ◽

10.1017/s096012951100017x ◽

2011 ◽

Vol 21 (6) ◽

pp. 1111-1181

Author(s):

ANA ALMEIDA MATOS ◽

JAN CEDERQUIST

Keyword(s):

Programming Language ◽

Information Flow ◽

Flow Property ◽

Mobile Code ◽

Information Flows ◽

Distributed Programs ◽

Security Issues ◽

Code Mobility ◽

Global Computing ◽

Language Based Security

With the emergence of the new possibilities offered by global computing, new security issues follow from the fact that these possibilities can be equally exploited by parties with malicious intentions. Many attacks arise at the application level, and can be tackled by means of programming language techniques. For instance, confidentiality can be violated during the execution of programs that reveal secret information. This kind of program behaviour can be avoided by information flow analyses that detect the encoding of illegal flows.This paper studies information flows that occur in distributed programs with code mobility from a language-based security perspective. New forms of security leaks that are introduced by code mobility, which we callmigration leaks, are presented and compared with well-known forms of illegal flow. We propose an information flow property that is adequate for networks consisting of a generalisation of the non-disclosure policy. We design a type and effect system for enforcing it on an expressive distributed calculus, and explain a soundness proof methodology in detail.

Download Full-text

Addressing security issues in programming languages for mobile code

Proceedings Ninth International Workshop on Database and Expert Systems Applications (Cat. No.98EX130) ◽

10.1109/dexa.1998.707415 ◽

2002 ◽

Author(s):

S. Gritzalis ◽

J. Iliadis

Keyword(s):

Programming Languages ◽

Mobile Code ◽

Security Issues

Download Full-text

Security issues surrounding programming languages for mobile code

ACM SIGOPS Operating Systems Review ◽

10.1145/506133.506137 ◽

1998 ◽

Vol 32 (2) ◽

pp. 16-32 ◽

Cited By ~ 3

Author(s):

Stefanos Gritzalis ◽

George Aggelis

Keyword(s):

Programming Languages ◽

Mobile Code ◽

Security Issues

Download Full-text

Mobile Agents, Mobile Computing and Mobile Users in Global E-Commerce

Strategies for eCommerce Success ◽

10.4018/978-1-931777-08-7.ch019 ◽

2011 ◽

pp. 278-288

Author(s):

Roberto Vinaja

Keyword(s):

Mobile Agent ◽

Mobile Agents ◽

Mobile Users ◽

The Internet ◽

Mobile Code ◽

Export Controls ◽

Security Issues ◽

International Issues ◽

Mobile Computers ◽

The Impact

Mobile agents may reside in a host or client computer, and can also roam other computers, networks or the Internet to execute their tasks. In this chapter, we will examine the implications of mobility in three aspects: mobile code, mobile hardware and mobile users. The impact of mobility on electronic commerce in the areas of security issues; export controls, legal jurisdiction, taxation and international issues is also analyzed. Mobile agent technologies and mobile computers will play an important role in the new cyberspace economy, however many issues need to be addressed before the technology can be fully implemented.

Download Full-text

Mobile Agents Computing: Security Issues and Algorithmic Solutions

Lecture Notes in Computer Science - Theoretical Computer Science ◽

10.1007/11560586_3 ◽

2005 ◽

pp. 22-22

Author(s):

Nicola Santoro

Keyword(s):

Mobile Agents ◽

Security Issues

Download Full-text

Embeddable Mobile-C for Runtime Support of Code Mobility in Multi-Agent Systems

Volume 2: 27th Computers and Information in Engineering Conference, Parts A and B ◽

10.1115/detc2007-35747 ◽

2007 ◽

Cited By ~ 5

Author(s):

Yu-Cheng Chou ◽

David Ko ◽

Harry H. Cheng

Keyword(s):

Operating Systems ◽

Mobile Agent ◽

Mobile Agents ◽

Distributed Applications ◽

Multi Agent Systems ◽

Agent Platform ◽

Agent Systems ◽

Code Mobility ◽

Mobile Agent Systems ◽

Multi Agent

Agent technology is emerging as an important concept for the development of distributed complex systems. A number of mobile agent systems have been developed in the last decade. However, most of them were developed to support only Java mobile agents. Furthermore, many of them are standalone platforms. In other words, they were not designed to be embedded in a user application to support the code mobility. In order to provide distributed applications with the code mobility, this article presents a mobile agent library, the Mobile-C library. The Mobile-C library is supported by various operating systems including Windows, Unix, and real-time operating systems. It has a small footprint to meet the stringent memory capacity for a variety of mechatronic and embedded systems. This library allows a Mobile-C agency, a mobile agent platform, to be embedded in a program to support C/C++ mobile agents. Functions in this library facilitate the development of a multi-agent system that can easily interface with a variety of hardware devices.

Download Full-text

High-level networking with mobile code and first order AND-continuations

Theory and Practice of Logic Programming ◽

10.1017/s1471068401001193 ◽

2001 ◽

Vol 1 (3) ◽

pp. 359-380 ◽

Cited By ~ 8

Author(s):

PAUL TARAU ◽

VERONICA DAHL

Keyword(s):

Data Structure ◽

Mobile Agents ◽

Network Code ◽

Mobile Code ◽

Remote Site ◽

First Order ◽

Programming Framework ◽

Distributed Processes ◽

Code Migration ◽

High Level

We describe a scheme for moving living code between a set of distributed processes coordinated with unification based Linda operations, and its application to building a comprehensive Logic programming based Internet programming framework. Mobile threads are implemented by capturing first order continuations in a compact data structure sent over the network. Code is fetched lazily from its original base turned into a server as the continuation executes at the remote site. Our code migration techniques, in combination with a dynamic recompilation scheme, ensure that heavily used code moves up smoothly on a speed hierarchy while volatile dynamic code is kept in a quickly updatable form. Among the examples, we describe how to build programmable client and server components (Web servers, in particular) and mobile agents.

Download Full-text