SlideShare una empresa de Scribd logo

Addressing security issues in programming languages for mobile code - Conference Presentation

John ILIADIS
John ILIADIS

The services offered to the Internet community have been constantly increasing the last few years. This is mainly due to the fact that mobile code has matured enough in order to provide the Internet users with high quality applications that can be executed remotely. When a user downloads and executes code from various Internet sources, security issues arise. In this paper, we are addressing the latter and we present a comparative evaluation of the methods used by Java, Safe-Tcl and ActiveX in order to confront with these issues, based on current security functions and implementations as well as on future adjustments and extensions.

Tecnología
1 de 11
Descargar para leer sin conexión
Addressing Security Issues in Programming Languages for Mobile Code S. Gritzalis, J. Iliadis • Department of Information and Communication Systems, University of the Aegean DEXA’98 • Department of Informatics, Technological Educational Institute of Athens
Introduction • Mobile Code – travels on heterogeneous networks – crosses security domains – is executed upon arrival to the destination – security concerns
Mobile Code Languages • Java general-purpose, object oriented language. Portable in compiled binary code • Safe-Tcl high-level interpreted scripting language • ActiveX visual control framework, using COM as the underlying infrastructure. O/S dependent
Security Issues Hostile Applets – attack the Integrity of a system – violate the user’s Privacy – limit the Availability of a system – achieve user’s Annoyance
Java Security • Sandbox • Classloader • Bytecode Verifier • Security Manager • JDK 1.2 new security modus operandi • security policy • access control • protection domains
Java Security - Extensions • Digital Signatures • Policy Enforcement – capabilities – extended stack introspection – namespace management • Policy Definition • Secure Code Distribution • Corporate-wide policy • Confining the use of Java in a network domain
Safe-Tcl Security • Padded cell approach / Dual-Interpreter – Trusted Interpreter -> Full Tcl – Untrusted/Restricted Interpreter -> Safe-Tcl • Command Aliases • Security Policy
Safe-Tcl Security Extensions • Authentication of Tclets • Authentication of Safe-Tcl security policies • Confronting with denial-of-service attacks
ActiveX Security • Applet authentication • code safe for initialising • code safe for scripting • lack of configurable security policy • ActiveX, Digital Signatures and Firewalls
ActiveX Security - Extensions • Execution safety • Software memory protection – attach proofs of memory protection to code
Conclusions • Security Scheme • Detailed Security Policy • Security Integration

Recomendados

CipherLoc_OverviewBrochure (1)
CipherLoc_OverviewBrochure (1)CipherLoc_OverviewBrochure (1)
CipherLoc_OverviewBrochure (1)
Michael DeLaGarza
 
Physical Security and Digital Security
Physical Security and Digital SecurityPhysical Security and Digital Security
Physical Security and Digital Security
PLN9 Security Services Pvt. Ltd.
 
Network security
Network securityNetwork security
Network security
Raaz Karkee
 
Digital physical security[present]
Digital physical security[present]Digital physical security[present]
Digital physical security[present]
Zawawi Mohamad
 
Modern Network Security Issue and Challenge
Modern Network Security Issue and ChallengeModern Network Security Issue and Challenge
Modern Network Security Issue and Challenge
Ikhtiar Khan Sohan
 
Network Security Issues
Network Security IssuesNetwork Security Issues
Network Security Issues
AfreenYousaf
 
Introduction to computer security syllabus
Introduction to computer security syllabusIntroduction to computer security syllabus
Introduction to computer security syllabus
Ayebazibwe Kenneth
 
Network Security Goals
Network Security GoalsNetwork Security Goals
Network Security Goals
Kabul Education University
 

Recomendados

CipherLoc_OverviewBrochure (1)
CipherLoc_OverviewBrochure (1)CipherLoc_OverviewBrochure (1)
CipherLoc_OverviewBrochure (1)
Michael DeLaGarza
 
Physical Security and Digital Security
Physical Security and Digital SecurityPhysical Security and Digital Security
Physical Security and Digital Security
PLN9 Security Services Pvt. Ltd.
 
Network security
Network securityNetwork security
Network security
Raaz Karkee
 
Digital physical security[present]
Digital physical security[present]Digital physical security[present]
Digital physical security[present]
Zawawi Mohamad
 
Modern Network Security Issue and Challenge
Modern Network Security Issue and ChallengeModern Network Security Issue and Challenge
Modern Network Security Issue and Challenge
Ikhtiar Khan Sohan
 
Network Security Issues
Network Security IssuesNetwork Security Issues
Network Security Issues
AfreenYousaf
 
Introduction to computer security syllabus
Introduction to computer security syllabusIntroduction to computer security syllabus
Introduction to computer security syllabus
Ayebazibwe Kenneth
 
Network Security Goals
Network Security GoalsNetwork Security Goals
Network Security Goals
Kabul Education University
 
Network Security Terminologies
Network Security TerminologiesNetwork Security Terminologies
Network Security Terminologies
university of education,Lahore
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
Computing Cage
 
Computer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewComputer Security Lecture 1: Overview
Computer Security Lecture 1: Overview
Mohamed Loey
 
Computer Systems Security
Computer Systems SecurityComputer Systems Security
Computer Systems Security
drkelleher
 
Network security
Network securityNetwork security
Network security
quest university nawabshah
 
keamanan komputer / computer security
keamanan komputer / computer securitykeamanan komputer / computer security
keamanan komputer / computer security
Hendra Fillan
 
Sabate chap2 lab1
Sabate chap2 lab1Sabate chap2 lab1
Sabate chap2 lab1
}{it -Boy
 
java-card20232024999999999999999999999999999999999999999999999999999999999999...
java-card20232024999999999999999999999999999999999999999999999999999999999999...java-card20232024999999999999999999999999999999999999999999999999999999999999...
java-card20232024999999999999999999999999999999999999999999999999999999999999...
ouahibakellou
 
Enterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-upEnterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-up
Dileep Kalidindi
 
20120709 cyber patterns2012
20120709 cyber patterns201220120709 cyber patterns2012
20120709 cyber patterns2012
Aniketos EU FP7 Project
 
MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data ...
MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data ...MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data ...
MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data ...
Marcel Winandy
 
Mobile Device Security Training
Mobile Device Security TrainingMobile Device Security Training
Mobile Device Security Training
Bryan Len
 
Cisco integrated security
Cisco integrated securityCisco integrated security
Cisco integrated security
jobyj
 
Security and Privacy in Mobile Cloud Computing
Security and Privacy in Mobile Cloud ComputingSecurity and Privacy in Mobile Cloud Computing
Security and Privacy in Mobile Cloud Computing
Ram Kumar K R
 
Azure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure CloudAzure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure Cloud
Paulo Renato
 
Praetorian_Secure_EncryptionServices_Overview
Praetorian_Secure_EncryptionServices_OverviewPraetorian_Secure_EncryptionServices_Overview
Praetorian_Secure_EncryptionServices_Overview
Brent Bernard, CISSP & PCI-QSA
 
Praetorian secure encryption_services_overview
Praetorian secure encryption_services_overviewPraetorian secure encryption_services_overview
Praetorian secure encryption_services_overview
Brent Bernard, CISSP & PCI-QSA
 
Preatorian Secure partners with Cipher loc - New Encryption Technology
Preatorian Secure partners with Cipher loc - New Encryption Technology Preatorian Secure partners with Cipher loc - New Encryption Technology
Preatorian Secure partners with Cipher loc - New Encryption Technology
Austin Ross
 
Praetorian secure encryption_services_overview
Praetorian secure encryption_services_overviewPraetorian secure encryption_services_overview
Praetorian secure encryption_services_overview
Brent Bernard, CISSP & PCI-QSA
 
Multilayer security mechanism in computer networks (2)
Multilayer security mechanism in computer networks (2)Multilayer security mechanism in computer networks (2)
Multilayer security mechanism in computer networks (2)
Alexander Decker
 
Six steps for securing offshore development
Six steps for securing offshore developmentSix steps for securing offshore development
Six steps for securing offshore development
gmaran23
 
Coud discovery chap 5
Coud discovery chap 5Coud discovery chap 5
Coud discovery chap 5
Alain Charpentier
 

Más contenido relacionado

La actualidad más candente

Computer Systems Security
Computer Systems SecurityComputer Systems Security
Computer Systems Security
drkelleher
 
keamanan komputer / computer security
keamanan komputer / computer securitykeamanan komputer / computer security
keamanan komputer / computer security
Hendra Fillan
 
Sabate chap2 lab1
Sabate chap2 lab1Sabate chap2 lab1
Sabate chap2 lab1
}{it -Boy
 

La actualidad más candente (7)

Network Security Terminologies
Network Security TerminologiesNetwork Security Terminologies
Network Security Terminologies
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
 
Computer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewComputer Security Lecture 1: Overview
Computer Security Lecture 1: Overview
 
Computer Systems Security
Computer Systems SecurityComputer Systems Security
Computer Systems Security
 
Network security
Network securityNetwork security
Network security
 
keamanan komputer / computer security
keamanan komputer / computer securitykeamanan komputer / computer security
keamanan komputer / computer security
 
Sabate chap2 lab1
Sabate chap2 lab1Sabate chap2 lab1
Sabate chap2 lab1
 

Similar a Addressing security issues in programming languages for mobile code - Conference Presentation

java-card20232024999999999999999999999999999999999999999999999999999999999999...
java-card20232024999999999999999999999999999999999999999999999999999999999999...java-card20232024999999999999999999999999999999999999999999999999999999999999...
java-card20232024999999999999999999999999999999999999999999999999999999999999...
ouahibakellou
 
MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data ...
MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data ...MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data ...
MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data ...
Marcel Winandy
 
Mobile Device Security Training
Mobile Device Security TrainingMobile Device Security Training
Mobile Device Security Training
Bryan Len
 
Multilayer security mechanism in computer networks (2)
Multilayer security mechanism in computer networks (2)Multilayer security mechanism in computer networks (2)
Multilayer security mechanism in computer networks (2)
Alexander Decker
 
Multilayer security mechanism in computer networks
Multilayer security mechanism in computer networksMultilayer security mechanism in computer networks
Multilayer security mechanism in computer networks
Alexander Decker
 
11.multilayer security mechanism in computer networks
11.multilayer security mechanism in computer networks11.multilayer security mechanism in computer networks
11.multilayer security mechanism in computer networks
Alexander Decker
 
santoskumaarResume - updated
santoskumaarResume - updatedsantoskumaarResume - updated
santoskumaarResume - updated
Santos Kumaar.S
 

Similar a Addressing security issues in programming languages for mobile code - Conference Presentation (20)

java-card20232024999999999999999999999999999999999999999999999999999999999999...
java-card20232024999999999999999999999999999999999999999999999999999999999999...java-card20232024999999999999999999999999999999999999999999999999999999999999...
java-card20232024999999999999999999999999999999999999999999999999999999999999...
 
Enterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-upEnterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-up
 
20120709 cyber patterns2012
20120709 cyber patterns201220120709 cyber patterns2012
20120709 cyber patterns2012
 
MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data ...
MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data ...MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data ...
MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data ...
 
Mobile Device Security Training
Mobile Device Security TrainingMobile Device Security Training
Mobile Device Security Training
 
Cisco integrated security
Cisco integrated securityCisco integrated security
Cisco integrated security
 
Security and Privacy in Mobile Cloud Computing
Security and Privacy in Mobile Cloud ComputingSecurity and Privacy in Mobile Cloud Computing
Security and Privacy in Mobile Cloud Computing
 
Azure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure CloudAzure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure Cloud
 
Praetorian_Secure_EncryptionServices_Overview
Praetorian_Secure_EncryptionServices_OverviewPraetorian_Secure_EncryptionServices_Overview
Praetorian_Secure_EncryptionServices_Overview
 
Praetorian secure encryption_services_overview
Praetorian secure encryption_services_overviewPraetorian secure encryption_services_overview
Praetorian secure encryption_services_overview
 
Preatorian Secure partners with Cipher loc - New Encryption Technology
Preatorian Secure partners with Cipher loc - New Encryption Technology Preatorian Secure partners with Cipher loc - New Encryption Technology
Preatorian Secure partners with Cipher loc - New Encryption Technology
 
Praetorian secure encryption_services_overview
Praetorian secure encryption_services_overviewPraetorian secure encryption_services_overview
Praetorian secure encryption_services_overview
 
Multilayer security mechanism in computer networks (2)
Multilayer security mechanism in computer networks (2)Multilayer security mechanism in computer networks (2)
Multilayer security mechanism in computer networks (2)
 
Six steps for securing offshore development
Six steps for securing offshore developmentSix steps for securing offshore development
Six steps for securing offshore development
 
Coud discovery chap 5
Coud discovery chap 5Coud discovery chap 5
Coud discovery chap 5
 
Multilayer security mechanism in computer networks
Multilayer security mechanism in computer networksMultilayer security mechanism in computer networks
Multilayer security mechanism in computer networks
 
11.multilayer security mechanism in computer networks
11.multilayer security mechanism in computer networks11.multilayer security mechanism in computer networks
11.multilayer security mechanism in computer networks
 
santoskumaarResume - updated
santoskumaarResume - updatedsantoskumaarResume - updated
santoskumaarResume - updated
 
Webinar on Enterprise Security & android
Webinar on Enterprise Security & androidWebinar on Enterprise Security & android
Webinar on Enterprise Security & android
 
DSS Symantec PGP Encryption Fortress 2014 - ArrowECS - RoadShow Baltics
DSS Symantec PGP Encryption Fortress 2014 - ArrowECS - RoadShow BalticsDSS Symantec PGP Encryption Fortress 2014 - ArrowECS - RoadShow Baltics
DSS Symantec PGP Encryption Fortress 2014 - ArrowECS - RoadShow Baltics
 

Más de John ILIADIS

Más de John ILIADIS (13)

Information security and digital payments; thoughts about current trends
Information security and digital payments; thoughts about current trendsInformation security and digital payments; thoughts about current trends
Information security and digital payments; thoughts about current trends
 
Security in RegTech's Playground
Security in RegTech's PlaygroundSecurity in RegTech's Playground
Security in RegTech's Playground
 
Malicious Software. In Greek.
Malicious Software. In Greek.Malicious Software. In Greek.
Malicious Software. In Greek.
 
PKI : The role of TTPs for the Development of secure Transaction Systems
PKI : The role of TTPs for the Development of secure Transaction SystemsPKI : The role of TTPs for the Development of secure Transaction Systems
PKI : The role of TTPs for the Development of secure Transaction Systems
 
Reshaping Key Management: A Tale of Two Decades
Reshaping Key Management: A Tale of Two DecadesReshaping Key Management: A Tale of Two Decades
Reshaping Key Management: A Tale of Two Decades
 
PKI: Is it worth something, or what?
PKI: Is it worth something, or what?PKI: Is it worth something, or what?
PKI: Is it worth something, or what?
 
Certificate Revocation: What Is It And What Should It Be
Certificate Revocation: What Is It And What Should It BeCertificate Revocation: What Is It And What Should It Be
Certificate Revocation: What Is It And What Should It Be
 
Evaluating Open Source Security Software
Evaluating Open Source Security SoftwareEvaluating Open Source Security Software
Evaluating Open Source Security Software
 
ADoCSI: Towards a Transparent Mechanism for Disseminating Certificate Status ...
ADoCSI: Towards a Transparent Mechanism for Disseminating Certificate Status ...ADoCSI: Towards a Transparent Mechanism for Disseminating Certificate Status ...
ADoCSI: Towards a Transparent Mechanism for Disseminating Certificate Status ...
 
E-Commerce Security: A Primer
E-Commerce Security: A PrimerE-Commerce Security: A Primer
E-Commerce Security: A Primer
 
PKI: Overpromising and Underdelivering
PKI: Overpromising and UnderdeliveringPKI: Overpromising and Underdelivering
PKI: Overpromising and Underdelivering
 
What is (not) Network Security
What is (not) Network SecurityWhat is (not) Network Security
What is (not) Network Security
 
Network Security: Putting Theory into Practice, the Wrong Way
Network Security: Putting Theory into Practice, the Wrong WayNetwork Security: Putting Theory into Practice, the Wrong Way
Network Security: Putting Theory into Practice, the Wrong Way
 

Último

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 

Último (20)

Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

Addressing security issues in programming languages for mobile code - Conference Presentation

  • 1. Addressing Security Issues in Programming Languages for Mobile Code S. Gritzalis, J. Iliadis • Department of Information and Communication Systems, University of the Aegean DEXA’98 • Department of Informatics, Technological Educational Institute of Athens
  • 2. Introduction • Mobile Code – travels on heterogeneous networks – crosses security domains – is executed upon arrival to the destination – security concerns
  • 3. Mobile Code Languages • Java general-purpose, object oriented language. Portable in compiled binary code • Safe-Tcl high-level interpreted scripting language • ActiveX visual control framework, using COM as the underlying infrastructure. O/S dependent
  • 4. Security Issues Hostile Applets – attack the Integrity of a system – violate the user’s Privacy – limit the Availability of a system – achieve user’s Annoyance
  • 5. Java Security • Sandbox • Classloader • Bytecode Verifier • Security Manager • JDK 1.2 new security modus operandi • security policy • access control • protection domains
  • 6. Java Security - Extensions • Digital Signatures • Policy Enforcement – capabilities – extended stack introspection – namespace management • Policy Definition • Secure Code Distribution • Corporate-wide policy • Confining the use of Java in a network domain
  • 7. Safe-Tcl Security • Padded cell approach / Dual-Interpreter – Trusted Interpreter -> Full Tcl – Untrusted/Restricted Interpreter -> Safe-Tcl • Command Aliases • Security Policy
  • 8. Safe-Tcl Security Extensions • Authentication of Tclets • Authentication of Safe-Tcl security policies • Confronting with denial-of-service attacks
  • 9. ActiveX Security • Applet authentication • code safe for initialising • code safe for scripting • lack of configurable security policy • ActiveX, Digital Signatures and Firewalls
  • 10. ActiveX Security - Extensions • Execution safety • Software memory protection – attach proofs of memory protection to code
  • 11. Conclusions • Security Scheme • Detailed Security Policy • Security Integration