Abstract
This paper discusses extensions to the functional language Erlang which provide a secure execution environment for remotely sourced code. This is in contrast to much existing work which has focused on securing procedural languages. Using a language such as Erlang provides a high degree of inherent run-time safety, which means effort can be focused on providing a suitable degree of system safety. We found that the main changes needed were the use of unforgeable (capability) references with access rights to control the use of system resources; the provision of a hierarchy of execution nodes to provide custom views of the resources available and to impose utilisation limits; and support for remote module loading. We then discuss prototype implementations of these changes, used to evaluate their utility and impact on visibility for the users of the language, and mention work in progress using this foundation to specify safety policies by filtering messages to server processes.
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Brown, L., Sahlin, D. (1999). Extending Erlang for Safe Mobile Code Execution. In: Varadharajan, V., Mu, Y. (eds) Information and Communication Security. ICICS 1999. Lecture Notes in Computer Science, vol 1726. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-47942-0_5
DOI: https://doi.org/10.1007/978-3-540-47942-0_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66682-0
Online ISBN: 978-3-540-47942-0
eBook Packages: Springer Book Archive