The University of Southampton
University of Southampton Institutional Repository

Extending execution tracing for mobile code security

Extending execution tracing for mobile code security
Extending execution tracing for mobile code security
The problem of protecting mobile code from both denial-of-service and state tampering attacks by malicious hosts are not well addressed in existing techniques for mobile code security. We propose a possible approach based on extending an existing mobile code security technique: cryptographic tracing. This is achieved through the introduction of a trusted third party, the verification server, which undertakes the verification of execution traces on behalf of the agent owner. The interaction between the verification servers and host platforms in the new protocol is outlined. Security properties of the protocol are verified by modelling the system in CSP and checking the resulting state transitions using the model checker FDR. Limitations of this approach to verification are then briefly discussed.
51-59
Tan, Hock Kim
fbafc283-5abf-4b64-8135-3295216bbd4e
Moreau, Luc
033c63dd-3fe9-4040-849f-dfccbe0406f8
Fischer, Klaus
f2b62420-ffb1-4dbe-a11b-0005bfbcb82e
Hutter, Dieter
9ea5b874-bc28-4e75-af5f-72f55b065673
Tan, Hock Kim
fbafc283-5abf-4b64-8135-3295216bbd4e
Moreau, Luc
033c63dd-3fe9-4040-849f-dfccbe0406f8
Fischer, Klaus
f2b62420-ffb1-4dbe-a11b-0005bfbcb82e
Hutter, Dieter
9ea5b874-bc28-4e75-af5f-72f55b065673

Tan, Hock Kim and Moreau, Luc (2002) Extending execution tracing for mobile code security. Fischer, Klaus and Hutter, Dieter (eds.) Second International Workshop on Security of Mobile MultiAgent Systems (SEMAS'2002), Bologna, Italy. pp. 51-59 .

Record type: Conference or Workshop Item (Paper)

Abstract

The problem of protecting mobile code from both denial-of-service and state tampering attacks by malicious hosts are not well addressed in existing techniques for mobile code security. We propose a possible approach based on extending an existing mobile code security technique: cryptographic tracing. This is achieved through the introduction of a trusted third party, the verification server, which undertakes the verification of execution traces on behalf of the agent owner. The interaction between the verification servers and host platforms in the new protocol is outlined. Security properties of the protocol are verified by modelling the system in CSP and checking the resulting state transitions using the model checker FDR. Limitations of this approach to verification are then briefly discussed.

Text
semas02 - Accepted Manuscript
Download (14MB)

More information

Published date: 2002
Additional Information: Organisation: DFKI Saarbrucken Series: DFKI Research Report, RR-02-03 Event Dates: June 2002
Venue - Dates: Second International Workshop on Security of Mobile MultiAgent Systems (SEMAS'2002), Bologna, Italy, 2002-06-01
Organisations: Web & Internet Science

Identifiers

Local EPrints ID: 257602
URI: http://eprints.soton.ac.uk/id/eprint/257602
PURE UUID: eb16bb65-03ea-4169-a132-11df211849c1
ORCID for Luc Moreau: ORCID iD orcid.org/0000-0002-3494-120X

Catalogue record

Date deposited: 13 Jun 2003
Last modified: 14 Mar 2024 05:59

Export record

Contributors

Author: Hock Kim Tan
Author: Luc Moreau ORCID iD
Editor: Klaus Fischer
Editor: Dieter Hutter

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×