Title :
A hybrid security framework of mobile code
Author :
Qin, Long ; Duanfeng, Si ; Xinhui, Han ; Wei, Zou
Author_Institution :
Inst. of Comput. Sci. & Technol., Peking Univ., Beijing, China
Abstract :
Mobile code can potentially be malicious. To protect the local system against malicious mobile code, a hybrid security framework of mobile code is proposed, which combines different static and dynamic techniques to provide a general solution to mobile code security. For a given mobile code and a set of security policies that the code needs to enforce, a static analysis tool is used to verify the mobile code against the policy. If the static analysis shows that the mobile code will never violate the policy, nothing needs to do; otherwise it never rejects the code simply but adds dynamic checks to enforce the policy when necessary. Several static analysis optimizing algorithms is also proposed to improve performance of dynamic enforcement.
Keywords :
distributed programming; security of data; hybrid security framework; malicious mobile code; mobile code; static analysis tool; Algorithm design and analysis; Computer science; Data security; Information security; Internet; Java; Mobile computing; Performance analysis; Protection; Runtime;
Conference_Titel :
Computer Software and Applications Conference, 2004. COMPSAC 2004. Proceedings of the 28th Annual International
Print_ISBN :
0-7695-2209-2
DOI :
10.1109/CMPSAC.2004.1342868
