DocumentCode
1567997
Title
A hybrid security framework of mobile code
Author
Qin, Long ; Duanfeng, Si ; Xinhui, Han ; Wei, Zou
Author_Institution
Inst. of Comput. Sci. & Technol., Peking Univ., Beijing, China
fYear
2004
Firstpage
390
Abstract
Mobile code can potentially be malicious. To protect the local system against malicious mobile code, a hybrid security framework of mobile code is proposed, which combines different static and dynamic techniques to provide a general solution to mobile code security. For a given mobile code and a set of security policies that the code needs to enforce, a static analysis tool is used to verify the mobile code against the policy. If the static analysis shows that the mobile code will never violate the policy, nothing needs to do; otherwise it never rejects the code simply but adds dynamic checks to enforce the policy when necessary. Several static analysis optimizing algorithms is also proposed to improve performance of dynamic enforcement.
Keywords
distributed programming; security of data; hybrid security framework; malicious mobile code; mobile code; static analysis tool; Algorithm design and analysis; Computer science; Data security; Information security; Internet; Java; Mobile computing; Performance analysis; Protection; Runtime;
fLanguage
English
Publisher
ieee
Conference_Titel
Computer Software and Applications Conference, 2004. COMPSAC 2004. Proceedings of the 28th Annual International
ISSN
0730-3157
Print_ISBN
0-7695-2209-2
Type
conf
DOI
10.1109/CMPSAC.2004.1342868
Filename
1342868
Link To Document