ACM Transactions on Programming Languages and Systems (TOPLAS)
The DIAMOND security policy for object-oriented databases
CSC '92 Proceedings of the 1992 ACM annual conference on Communications
Fundamentals of computer security technology
Fundamentals of computer security technology
ActiveX sourcebook: build an ActiveX-based web site
ActiveX sourcebook: build an ActiveX-based web site
Safe kernel extensions without run-time checking
OSDI '96 Proceedings of the second USENIX symposium on Operating systems design and implementation
Programming languages for mobile code
ACM Computing Surveys (CSUR)
A protection scheme for mobile agents on Java
MobiCom '97 Proceedings of the 3rd annual ACM/IEEE international conference on Mobile computing and networking
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Java virtual machine
Dynamic class loading in the Java virtual machine
Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
The Java programming language (2nd ed.)
The Java programming language (2nd ed.)
Certification of programs for secure information flow
Communications of the ACM
Protection in operating systems
Communications of the ACM
Security issues surrounding programming languages for mobile code: JAVA vs. Safe-Tcl
ACM SIGOPS Operating Systems Review
Java Security: Present and Near Future
IEEE Micro
A Flexible Security System for Using Internet Content
IEEE Software
Agent Tcl: Targeting the Needs of Mobile Computers
IEEE Internet Computing
Mobile Agents: Are They a Good Idea?
MOS '96 Selected Presentations and Invited Papers Second International Workshop on Mobile Object Systems - Towards the Programmable Internet
Specifying a security policy: a case study
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
Authorization in Distributed Systems: A Formal Approach
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Analyzing consistency of security policies
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
The Safe-Tcl Security Model
USITS'97 Proceedings of the USENIX Symposium on Internet Technologies and Systems on USENIX Symposium on Internet Technologies and Systems
Resource access control for an internet user agent
COOTS'97 Proceedings of the 3rd conference on USENIX Conference on Object-Oriented Technologies (COOTS) - Volume 3
Itinerant Agents for Mobile Computing
IEEE Communications Surveys & Tutorials
Runtime Support for Type-Safe Dynamic Java Classes
ECOOP '00 Proceedings of the 14th European Conference on Object-Oriented Programming
A Contract-Based Approach of Resource-Constrained Software Deployment
CD '02 Proceedings of the IFIP/ACM Working Conference on Component Deployment
Fine-Grained Access Control with Object-Sensitive Roles
Genoa Proceedings of the 23rd European Conference on ECOOP 2009 --- Object-Oriented Programming
Method-Specific Java Access Control via RMI Proxy Objects Using Annotations
ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
Authorization enforcement usability case study
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Hi-index | 0.02 |
There is considerable interest in programs that can migrate from one host to another and execute. Mobile programs are appealing because they support efficient utilization of network resources and extensibility of information servers. However, since they cross administrative domains, they have the ability to access and possibly misuse a host's protected resources. In this paper, we present a novel approach for controlling and protecting a site's resources. In this approach, a site uses a declarative policy language to specify a set of constraints on accesses to resources. A set of code transformation tools enforces these constraints on mobile programs by integrating the access constraint checking code directly into the mobile program and resource definitions. Because our approach does not require resources to make explicit calls to a reference monitor, it does not depend upon a specific runtime system implementation.