Computer Science – Cryptography and Security
Scientific paper
1999-08-12
Computer Science
Cryptography and Security
preprint of a paper to appear in IEEE Transactions on Software Engineering
Scientific paper
Mobile code presents a number of threats to machines that execute it. We introduce an approach for protecting machines and the resources they hold from mobile code, and describe a system based on our approach for protecting host machines from Java 1.1 applets. In our approach, each Java applet downloaded to the protected domain is rerouted to a dedicated machine (or set of machines), the {\em playground}, at which it is executed. Prior to execution the applet is transformed to use the downloading user's web browser as a graphics terminal for its input and output, and so the user has the illusion that the applet is running on her own machine. In reality, however, mobile code runs only in the sanitized environment of the playground, where user files cannot be mounted and from which only limited network connections are accepted by machines in the protected domain. Our playground thus provides a second level of defense against mobile code that circumvents language-based defenses. The paper presents the design and implementation of a playground for Java 1.1 applets, and discusses extensions of it for other forms of mobile code including Java 1.2.
Malkhi Dahlia
Reiter Michael
No associations
LandOfFree
Secure Execution of Java Applets using a Remote Playground does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.
If you have personal experience with Secure Execution of Java Applets using a Remote Playground, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Secure Execution of Java Applets using a Remote Playground will most certainly appreciate the feedback.
Profile ID: LFWR-SCP-O-662823