Embedding Rule-Based Security Monitors into Java Programs

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Tomi Karlstedt Articles by Ville Lepp?nen Articles by Sanna Tuohimaa

2008 32nd Annual IEEE International Computer Software and Applications Conference

July 28-August 01

ISBN: 978-0-7695-3262-2

	ASCII Text	x
	Tomi Karlstedt, Ville Lepp?nen, Sanna Tuohimaa, "Embedding Rule-Based Security Monitors into Java Programs," Computer Software and Applications Conference, Annual International, pp. 20-27, 2008 32nd Annual IEEE International Computer Software and Applications Conference, 2008.

	BibTex	x
	@article{ 10.1109/COMPSAC.2008.150, author = {Tomi Karlstedt and Ville Lepp?nen and Sanna Tuohimaa}, title = {Embedding Rule-Based Security Monitors into Java Programs}, journal ={Computer Software and Applications Conference, Annual International}, volume = {0}, year = {2008}, issn = {0730-3157}, pages = {20-27}, doi = {http://doi.ieeecomputersociety.org/10.1109/COMPSAC.2008.150}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Software and Applications Conference, Annual International TI - Embedding Rule-Based Security Monitors into Java Programs SN - 0730-3157 SP20 EP27 A1 - Tomi Karlstedt, A1 - Ville Lepp?nen, A1 - Sanna Tuohimaa, PY - 2008 KW - security KW - mobile code KW - runtime monitoring VL - 0 JA - Computer Software and Applications Conference, Annual International ER -

Tomi Karlstedt

Ville Lepp?nen

Sanna Tuohimaa

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/COMPSAC.2008.150

In this paper we study securing mobile code execution by embedding a rule-based security monitor into the mobile code before execution on a platform.??A security monitor guards how the mobile code uses resources of the execution platform.??We consider that this run-time monitoring approach is more practical than providing a proof of security properties along with the mobile code.??Writing execution context related rule-based security policies enables us to be flexible with respect to the restrictions we wish to impose on the mobile code. In our opinion, establishing an authority for certifying the safety of mobile code is too inflexible, since depending on the situation the user might temporarily want to tighten the restrictions. We describe our language for expressing rule-based security policies and show how those policies can be translated into aspects, which together form a run-time security monitor.??In practice, we translate our policy expression to AspectJ with our MPLc compiler and only consider embedding a run-time monitor into Java applications.

Index Terms:

security, mobile code, runtime monitoring

Citation:

Tomi Karlstedt, Ville Lepp?nen, Sanna Tuohimaa, "Embedding Rule-Based Security Monitors into Java Programs," compsac, pp.20-27, 2008 32nd Annual IEEE International Computer Software and Applications Conference, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.