Dynamic Adaptation of the Security Properties of Applications and Components

Applications and components are exposed to different security threats in different environments. We want to tailor the defence of these applications and components to the particular threats faced by them in the target execution environment. Ideally we want to be able to adapt applications and components as they are downloaded into the execution environment. However, one problem with this approach is that the application source code may not be available. In this paper, we describe a mechanism based on a metaobject protocol approach that allows dynamic reconfiguration of the behaviour of downloaded applications with no need for access to source code and only minor modifications to the code that launches the application. As an illustration we look at a case study of a real thin client application and how the various security threats it is exposed to in different execution environments can be neutralised.