Exploiting OS-level mechanisms to implement mobile code security

Mobile code systems provide an infrastructure that supports autonomous mobile components, called mobile agents. The infrastructure implements services for the transfer, execution, and protection of mobile agents. Security services are usually provided by implementing new security mechanisms that are explicitly tailored to mobile components. Unfortunately, developing sound, reliable security mechanisms is a non-trivial task, and a history of vulnerable and/or incomplete implementations of these mechanisms led to the idea that mobile code systems are inherently insecure, too complex, and very difficult to deploy. To overcome these problems, we developed a mobile code system that relies as much as possible on the security mechanisms already provided by the underlying operating system. By doing this, it is possible to develop, with reduced effort, security services that rely on well-known, well-understood, and well-tested security mechanisms. Also, by describing the security of the mobile code system in terms of the OS security mechanisms, system administrators can better evaluate the security implications of deploying the system. This paper describes the design and implementation of our system and compares its performance to several existing mobile code systems.