A Service-oriented Approach to Mobile Code Security
Authors
Abstract
Client software for modern service-oriented web architectures is often implemented as mobile code applets made available by service-providers. Protecting clients from malicious mobile code is therefore an important concern in these architectures; however, the burden of security enforcement is typically placed entirely on the client. This approach violates the service-oriented paradigm. A method of realizing mobile code security as a separate service in a service-oriented web architecture is proposed. The security service performs in-lined reference monitoring of untrusted Java binaries on-demand for client-specified security policies. An XML format for specifying these policies is outlined, and preliminary experiments demonstrate the feasibility of the approach. © 2011 Published by Elsevier Ltd.
Similar resources
Aggrandizing the beast's limbs: patulous code reuse attack on ARM architecture
Since smartphones are usually personal devices full of private information, they are a popular target for a vast variety of real-world attacks such as Code Reuse Attack (CRA). CRAs enable attackers to execute any arbitrary algorithm on a device without injecting an executable code. Since the standard platform for mobile devices is ARM architecture, we concentrate on available ARM-based CRAs. Cu...
Dwarf Frankenstein is still in your memory: tiny code reuse attacks
Code reuse attacks such as return oriented programming and jump oriented programming are the most popular exploitation methods among attackers. A large number of practical and non-practical defenses are proposed that differ in their overhead, the source code requirement, detection rate and implementation dependencies. However, a usual aspect among these methods is consideration of the common be...
Securing Code in Services Oriented Architecture
SOA proposed security mechanisms are only centered in the data transmitted between service provider and consumer. However, it’s well known that the biggest threats to the integrity of the information are precisely focused not on the data directly but on the code that manages it. Our main statement is that it will only be possible to reach an acceptable level of security if the protection mechan...
Integral Security Model for the Exchange of Objects in Services Oriented Architecture
Nowadays, security approaches and solutions for SOA focus mainly on messages and data, but they forget the code security (both service code and exchanged code). Moreover, some security aspects (e.g. validity, correctness...) are usually forgotten. We state that any security approach will be incomplete if the security of both data (messages) and code (service code) is not addressed in a general ...
A Flexible Access Control Service for Java Mobile Code
Mobile Code (MC) technologies provide appealing solutions for the development of Internet applications. For instance, Java technology facilitates dynamic loading of application code from remote servers into heterogeneous clients distributed all over the Internet. However, executing foreign code that has been loaded from the network raises significant security concerns which limit the diffusion of...