Title :
Mobile code security by Java bytecode dependence analysis
Author :
Bian, Gaowei ; Nakayama, Ken ; Kobayashi, Yoshitake ; Maekawa, Mamoru
Author_Institution :
Dept. of Inf. Syst., Univ. of Electro-Commun., Chofu, Japan
Abstract :
Security of mobile code is important because the code is transmitted and remotely executed. Existing protection mechanisms have not fully addressed the security problem. Current approaches tend to prevent the host from potential attacks by confining the mobile code, which leads to impair the function of mobile code. Java is widely used in mobile code systems. We propose a method that does less restriction to the Java mobile code while protecting the host. The approach is to analyze the Java bytecode security-relevant behavior prior to its execution, thus to ensure two major aspects of host security ntegrity and confidentiality. We extend bytecode dependence analysis technique to adapt information flow analysis. A prototype implementation is under development. This tool will be used to analyze Java class file, applet and mobile agent.
Keywords :
Java; data integrity; data privacy; distributed programming; program compilers; security of data; Java bytecode dependence analysis; confidentiality; information flow analysis; integrity; mobile code security; Computer networks; Data security; Distributed computing; Information analysis; Information security; Information systems; Java; Mobile agents; Protection; Prototypes;
Conference_Titel :
Communications and Information Technology, 2004. ISCIT 2004. IEEE International Symposium on
Print_ISBN :
0-7803-8593-4
DOI :
10.1109/ISCIT.2004.1413854
