Title :
Embedding Rule-Based Security Monitors into Java Programs
Author :
Karlstedt, Tomi ; Leppanen, Ville ; Tuohimaa, Sanna
Author_Institution :
Dept. of Inf. Technol., Univ. of Turku, Turku
fDate :
July 28 2008-Aug. 1 2008
Abstract :
In this paper we study securing mobile code execution by embedding a rule-based security monitor into the mobile code before execution on a platform. A security monitor guards how the mobile code uses resources of the execution platform. We consider that this run-time monitoring approach is more practical than providing a proof of security properties along with the mobile code. Writing execution context related rule-based security policies enables us to be flexible with respect to the restrictions we wish to impose on the mobile code. In our opinion, establishing an authority for certifying the safety of mobile code is too inflexible, since depending on the situation the user might temporarily want to tighten the restrictions. We describe our language for expressing rule-based security policies and show how those policies can be translated into aspects, which together form a run-time security monitor. In practice, we translate our policy expression to AspectJ with our MPLc compiler and only consider embedding a run-time monitor into Java applications.
Keywords :
Java; knowledge based systems; mobile computing; program compilers; security of data; AspectJ; Java programs; MPLc compiler; mobile code execution; mobile codes; rule-based security monitors; rule-based security policies; run-time monitoring approach; run-time security monitor; security monitor guards; Application software; Automata; Information security; Information technology; Java; Mobile computing; Mobile handsets; Monitoring; Runtime; Software safety; mobile code; runtime monitoring; security;
Conference_Titel :
Computer Software and Applications, 2008. COMPSAC '08. 32nd Annual IEEE International
Conference_Location :
Turku
Print_ISBN :
978-0-7695-3262-2
Electronic_ISBN :
0730-3157
DOI :
10.1109/COMPSAC.2008.150
