A Service-oriented Approach to Mobile Code Security

Artigo Acesso aberto Revisado por pares

A Service-oriented Approach to Mobile Code Security

2011; Elsevier BV; Volume: 5; Linguagem: Inglês

10.1016/j.procs.2011.07.069

ISSN

1877-0509

Autores

Micah Jones, Kevin W. Hamlen,

Tópico(s)

Distributed systems and fault tolerance

Resumo

Client software for modern service-oriented web architectures is often implemented as mobile code applets made available by service-providers. Protecting clients from malicious mobile code is therefore an important concern in these architectures; however, the burden of security enforcement is typically placed entirely on the client. This approach violates the service-oriented paradigm. A method of realizing mobile code security as a separate service in a service-oriented web architecture is proposed. The security service performs in-lined reference monitoring of untrusted Java binaries on-demand for client-specified security policies. An XML format for specifying these policies is outlined, and preliminary experiments demonstrate the feasibility of the approach.

Ver no editor

Altmetric

PlumX

Entrar

Lembrar minha senha

Receber meu e-mail de confirmação

A Service-oriented Approach to Mobile Code Security