Extending execution tracing for mobile code security
Extending execution tracing for mobile code security
The problem of protecting mobile code from both denial-of-service and state tampering attacks by malicious hosts are not well addressed in existing techniques for mobile code security. We propose a possible approach based on extending an existing mobile code security technique: cryptographic tracing. This is achieved through the introduction of a trusted third party, the verification server, which undertakes the verification of execution traces on behalf of the agent owner. The interaction between the verification servers and host platforms in the new protocol is outlined. Security properties of the protocol are verified by modelling the system in CSP and checking the resulting state transitions using the model checker FDR. Limitations of this approach to verification are then briefly discussed.
51-59
Tan, Hock Kim
fbafc283-5abf-4b64-8135-3295216bbd4e
Moreau, Luc
033c63dd-3fe9-4040-849f-dfccbe0406f8
Fischer, Klaus
f2b62420-ffb1-4dbe-a11b-0005bfbcb82e
Hutter, Dieter
9ea5b874-bc28-4e75-af5f-72f55b065673
2002
Tan, Hock Kim
fbafc283-5abf-4b64-8135-3295216bbd4e
Moreau, Luc
033c63dd-3fe9-4040-849f-dfccbe0406f8
Fischer, Klaus
f2b62420-ffb1-4dbe-a11b-0005bfbcb82e
Hutter, Dieter
9ea5b874-bc28-4e75-af5f-72f55b065673
Tan, Hock Kim and Moreau, Luc
(2002)
Extending execution tracing for mobile code security.
Fischer, Klaus and Hutter, Dieter
(eds.)
Second International Workshop on Security of Mobile MultiAgent Systems (SEMAS'2002), Bologna, Italy.
.
Record type:
Conference or Workshop Item
(Paper)
Abstract
The problem of protecting mobile code from both denial-of-service and state tampering attacks by malicious hosts are not well addressed in existing techniques for mobile code security. We propose a possible approach based on extending an existing mobile code security technique: cryptographic tracing. This is achieved through the introduction of a trusted third party, the verification server, which undertakes the verification of execution traces on behalf of the agent owner. The interaction between the verification servers and host platforms in the new protocol is outlined. Security properties of the protocol are verified by modelling the system in CSP and checking the resulting state transitions using the model checker FDR. Limitations of this approach to verification are then briefly discussed.
Text
semas02
- Accepted Manuscript
More information
Published date: 2002
Additional Information:
Organisation: DFKI Saarbrucken Series: DFKI Research Report, RR-02-03 Event Dates: June 2002
Venue - Dates:
Second International Workshop on Security of Mobile MultiAgent Systems (SEMAS'2002), Bologna, Italy, 2002-06-01
Organisations:
Web & Internet Science
Identifiers
Local EPrints ID: 257602
URI: http://eprints.soton.ac.uk/id/eprint/257602
PURE UUID: eb16bb65-03ea-4169-a132-11df211849c1
Catalogue record
Date deposited: 13 Jun 2003
Last modified: 14 Mar 2024 05:59
Export record
Contributors
Author:
Hock Kim Tan
Author:
Luc Moreau
Editor:
Klaus Fischer
Editor:
Dieter Hutter
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics