ACM Transactions on Internet Technology (TOIT)
White-Box Cryptography and an AES Implementation
SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
Protecting Mobile Code in the Wild
IEEE Internet Computing
Verifiable distributed oblivious transfer and mobile agent security
DIALM-POMC '03 Proceedings of the 2003 joint workshop on Foundations of mobile computing
Code protection for resource-constrained embedded devices
Proceedings of the 2004 ACM SIGPLAN/SIGBED conference on Languages, compilers, and tools for embedded systems
RDS: Remote Distributed Scheme for Protecting Mobile Agents
AAMAS '04 Proceedings of the Third International Joint Conference on Autonomous Agents and Multiagent Systems - Volume 1
Approaches to fault-tolerant and transactional mobile agent execution---an algorithmic view
ACM Computing Surveys (CSUR)
Secure agent computation: X.509 proxy certificates in a multi-lingual agent framework
Journal of Systems and Software - Special issue: Software engineering education and training
Verifiable distributed oblivious transfer and mobile agent security
Mobile Networks and Applications
SAgent: a security framework for JADE
AAMAS '06 Proceedings of the fifth international joint conference on Autonomous agents and multiagent systems
Secure mobile agent system and its application in the trust building process of virtual enterprises
Multiagent and Grid Systems
Extending tamper-proof hardware security to untrusted execution environments
CARDIS'02 Proceedings of the 5th conference on Smart Card Research and Advanced Application Conference - Volume 5
Software issues in digital forensics
ACM SIGOPS Operating Systems Review
Financial Cryptography and Data Security
Enforcing security in the AgentScape middleware
Proceedings of the 2008 workshop on Middleware security
Advanced mobile agent security models for code integrity and malicious availability check
Journal of Network and Computer Applications
Robust combiners for software hardening
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
An attack and repair of secure web transaction protocol for anonymous mobile agents
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Policy-based authentication for mobile agents
ISPEC'11 Proceedings of the 7th international conference on Information security practice and experience
Twin clouds: secure cloud computing with low latency
CMS'11 Proceedings of the 12th IFIP TC 6/TC 11 international conference on Communications and multimedia security
Gate evaluation secret sharing and secure one-round two-party computation
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Secure mediation with mobile code
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Hybrid approach for secure mobile agent computations
MADNES'05 Proceedings of the First international conference on Secure Mobile Ad-hoc Networks and Sensors
Towards remote policy enforcement for runtime protection of mobile code using trusted computing
IWSEC'06 Proceedings of the 1st international conference on Security
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Hi-index | 0.00 |
Abstract: This paper addresses the protection of mobile code against cheating and potentially malicious hosts. We point out that the recent approach based on computing with "encrypted functions" is limited to the case where only the code originator learns the result of the computation and the host running the code must not notice anything at all. We argue that if the host is to receive some output of the computation, then securing mobile code requires minimal trust in a third party. Tamper-proof hardware installed on each host has been proposed for this purpose. In this paper we introduce a new approach for securely executing (fragments of) mobile code that relies on a minimally trusted third party. This party is a generic independent entity, called the secure computation service, which performs some operations on behalf of the mobile application, but does not learn anything about the encrypted computation. Because it is universal, the secure computation service needs to be only minimally trusted and can serve many different applications. We present a protocol based on tools from theoretical cryptography that is quite practical for computing small functions.