Language Issues in Mobile Program Security

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 1419)

Abstract

Many programming languages have been developed and implemented for mobile code environments. They are typically quite expressive. But while security is an important aspect of any mobile code technology, it is often treated after the fundamental design is complete, in ad hoc ways. In the end, it is unclear what security guarantees can be made for the system. We argue that mobile programming languages should be designed around certain security properties that hold for all well-formed programs. This requires a better understanding of the relationship between programming language design and security. Appropriate security properties must be identified. Some of these properties and related issues are explored.

This material is based upon activities supported by DARPA and the National Science Foundation under Agreement Nos. CCR-9612176 and CCR-9612345.


Copyright information

© 1998 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Volpano, D., Smith, G. (1998). Language Issues in Mobile Program Security. In: Vigna, G. (eds) Mobile Agents and Security. Lecture Notes in Computer Science, vol 1419. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-68671-1_3

  • DOI: https://doi.org/10.1007/3-540-68671-1_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-64792-8

  • Online ISBN: 978-3-540-68671-2

  • eBook Packages: Springer Book Archive
