Title : 
A flexible security model for using Internet content
         
        
            Author : 
Anand, Rangachari ; Islam, Nayeem ; Jaeger, Trent ; Rao, Josyula R.
         
        
            Author_Institution : 
IBM Thomas J. Watson Res. Center, Yorktown Heights, NY, USA
         
        
        
        
        
            Abstract : 
Java applets, Netscape plug-ins and ActiveX controls have led to the popularization of a new paradigm: extensive downloading of executable code into applications to enhance the functionality of the desktop. One of the problems with this paradigm is the need to control the access rights of the downloaded content. In this paper, we describe a system for downloading content from the Internet and controlling its actions on a client machine. Our system generates a protection domain for the downloaded content dynamically rising the content´s requested domain and a policy database that describes the user´s trust in the content´s manufacturer and type. Our system ensures that this protection domain is enforced throughout the execution of the content. We have modified the Java Virtual Machine to implement our security model. Our implementation, called Flexxguard, is freely available at http://www.alphaworks.ibm.com
         
        
            Keywords : 
Internet; client-server systems; security of data; virtual machines; ActiveX controls; Flexxguard; Internet content; Java Virtual Machine; Java applets; Netscape plug-ins; access rights; client machine; desktop functionality; executable code downloading; flexible security model; policy database; protection domain; user trust; Control systems; Data security; Databases; Internet; Java; Manufacturing; Permission; Protection; Virtual machining; Web sites;
         
        
        
        
            Conference_Titel : 
Reliable Distributed Systems, 1997. Proceedings., The Sixteenth Symposium on
         
        
            Conference_Location : 
Durham, NC
         
        
        
            Print_ISBN : 
0-8186-8177-2
         
        
        
            DOI : 
10.1109/RELDIS.1997.632802