The Conceptual Basis for Mediation Services
IEEE Expert: Intelligent Systems and Their Applications
On the (Im)possibility of Obfuscating Programs
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Protecting the Computation Results of Free-Roaming Agents
MA '98 Proceedings of the Second International Workshop on Mobile Agents
Mobile Agents and Security
Protecting Mobile Agents Against Malicious Hosts
Mobile Agents and Security
Safe, Untrusted Agents Using Proof-Carrying Code
Mobile Agents and Security
Secure mediation: requirements, design, and architecture
Journal of Computer Security - IFIP 2000
Cryptographic Security for Mobile Code
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Malicious Cryptography: Exposing Cryptovirology
Malicious Cryptography: Exposing Cryptovirology
Proof linking: a modular verification architecture for mobile code systems
Proof linking: a modular verification architecture for mobile code systems
Secure coprocessors in electronic commerce applications
WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1
| Hi-index | 0.00 |
A mediator helps a client of a distributed information system to acquire data without contacting each datasource. We show how mobile code can be used to ensure confidentiality of data in a secure mediation system. We analyze what advantages mobile code has over mobile data for secure mediation. We present a Java implementation of a system that mediates SQL queries. Security risks for the client and the mobile code are delineated; offending the integrity of its own data is identified as a special type of attack of mobile code in a mediation system. We name appropriate countermeasures and describe the amount of trust needed in our system. As an extension, we consider security in a hierarchy of mediators. Finally, we combine mobile code with mobile agent technology.