Mobile code security by Java bytecode dependence analysis

Author

Bian, Gaowei ; Nakayama, Ken ; Kobayashi, Yoshitake ; Maekawa, Mamoru

Author_Institution

Dept. of Inf. Syst., Univ. of Electro-Commun., Chofu, Japan

Volume

2

fYear

2004

fDate

26-29 Oct. 2004

Firstpage

923

Abstract

Security of mobile code is important because the code is transmitted and remotely executed. Existing protection mechanisms have not fully addressed the security problem. Current approaches tend to prevent the host from potential attacks by confining the mobile code, which leads to impair the function of mobile code. Java is widely used in mobile code systems. We propose a method that does less restriction to the Java mobile code while protecting the host. The approach is to analyze the Java bytecode security-relevant behavior prior to its execution, thus to ensure two major aspects of host security ntegrity and confidentiality. We extend bytecode dependence analysis technique to adapt information flow analysis. A prototype implementation is under development. This tool will be used to analyze Java class file, applet and mobile agent.

Keywords

Java; data integrity; data privacy; distributed programming; program compilers; security of data; Java bytecode dependence analysis; confidentiality; information flow analysis; integrity; mobile code security; Computer networks; Data security; Distributed computing; Information analysis; Information security; Information systems; Java; Mobile agents; Protection; Prototypes;

fLanguage

English

Publisher

ieee

Conference_Titel

Communications and Information Technology, 2004. ISCIT 2004. IEEE International Symposium on

Print_ISBN

0-7803-8593-4

Type

conf

DOI

10.1109/ISCIT.2004.1413854

Filename

1413854