Title :
Encapsulating mobile objects
Author :
Härtig, Hermann ; Reuther, Lars
Author_Institution :
Dept. of Comput. Sci., Tech. Univ. Dresden, Germany
Abstract :
This paper describes a technique to effectively isolate mobile objects or processes that execute downloaded, potentially suspicious programs. It relies on wish lists, trust lists and capability lists. Wish lists are carried along with programs or mobile objects and denote the resources requested by the program to do what it claims to do. Wish lists are transformed into capability lists when downloaded programs are started. Trust lists reside on stations and are used to determine which members of wish lists are taken over into capability lists. The capability lists are enforced during the execution of programs. All lists are symbolic to enable their interpretation in heterogeneous environments. The paper describes the technique, its integration in a Linux environment and first experiences
Keywords :
data encapsulation; distributed processing; object-oriented programming; security of data; software portability; Linux environment; capability lists; data security; distributed systems; downloaded programs; heterogeneous environments; mobile object encapsulation; object oriented programming; program execution; software portability; suspicious programs; symbolic lists; trust lists; wish lists; Application software; Computer science; Filters; Java; Linux; Mobile agents; Mobile computing; Protection; Security; Workstations;
Conference_Titel :
Distributed Computing Systems, 1997., Proceedings of the 17th International Conference on
Conference_Location :
Baltimore, MD
Print_ISBN :
0-8186-7813-5
DOI :
10.1109/ICDCS.1997.598069
