Title :
Efficient kernel support of fine-grained protection domains for mobile code
Author :
Takahashi, Masahiko ; Kono, Kenji ; Masuda, Takashi
Author_Institution :
Dept. of Inf. Sci., Tokyo Univ., Japan
Abstract :
Mobile code is an emerging paradigm of distributed computing. It roams over a network, is linked with an application, and runs as a part of an application. In the case of Web browsers, it is commonplace to download a mobile code, called a plug-in, from a truly open network such as the Internet. Owing to the anonymity of an open network, the mobile code may be malicious; thus, it is important to protect local computing resources from attacks by malicious code. We have developed a kernel that supports fine-grained protection domains that preclude mobile code from making unauthorized accesses to the local resources. The developed scheme provides a novel mechanism, called a multi-protection page table, of virtual memory for creating fine-grained protection domains. The multi-protection page table enables efficient cross-domain calls, whereas it provides protection. Experimental results show that the developed scheme incurs only a 5.9% execution overhead even if cross domain calls occur 30000 times per second
Keywords :
Internet; distributed programming; online front-ends; paged storage; security of data; Internet; Web browsers; anonymity; distributed computing; efficient cross-domain calls; efficient kernel support; execution overhead; fine-grained protection domains; local computing resource protection; malicious code attacks; mobile code; multi-protection page table; open network; plug-in; unauthorized access; virtual memory; Computer networks; Distributed computing; IP networks; Information science; Kernel; Libraries; Mobile computing; Network servers; Protection; Switches;
Conference_Titel :
Distributed Computing Systems, 1999. Proceedings. 19th IEEE International Conference on
Conference_Location :
Austin, TX
Print_ISBN :
0-7695-0222-9
DOI :
10.1109/ICDCS.1999.776507
