Panel Session: Mobile Code, Internet Security, and E-Commerce
Security of e-applications running over Internet is a major requirement for their widespread use. As discussions in this panel often pointed it out, such kind of applications shows more and more a property of mobility: mobility of code, data, or even mobility of objects, termed agents. But how to enforce security of such mobile components ? Is it at the programming language level, or could it be managed in a completely transparent way for the programmer ? Do we need domain-specific languages that we hope could be trusted or are general-purpose languages enough ? This panel gave some highlights on how adequate the object-oriented language technology could be; at which level of granularity security has to be designed and introduced into the application; why solutions differing from classical cryptography-based solutions are promising.
KeywordsMobile Agent Mobile Object Runtime Environment Sandbox Model Authorisation Policy
Unable to display preview. Download preview PDF.
- 1.S. Loureiro, R. Molva. Privacy for mobile code. Proceedings of distributed object security workshop, OOPSLA’99, Denver, November 1999.Google Scholar
- 2.S. Loureiro, R. Molva, A. Pannetrat. Secure data collection with updates. Proceedings of Workshop on Agent Electronic Commerce, First Asia Pacific Conference on Intelligent Agent Technology, Yimming Yee and Jiming Liu editors, 121–130, Hong-Kong, December 1999.Google Scholar
- 3.S. Loureiro, R. Molva. Mobile Code Protection with Smartcards. Proceedings of ECOOP 2000 workshop on Mobile Object Systems, Sophia Antipolis, France, June 13th, 2000Google Scholar
- 4.E. Bertino, S. Castano, E. Ferrari, M. Mesiti. Specifying and Enforcing Access Control Policies for XML Document Sources. World Wide Web Journal, Baltzer Science Publishers, 3(3), in press.Google Scholar
- 5.E. Bertino, S. Castano, E. Ferrari, M. Mesiti. Controlled Access and Distribution of XML Documents. In Proc. 2nd ACM Workshop on Web Information and Data Management (WIDM’99), Kansas City (Missouri), November 1999. ACM Press.Google Scholar
- 6.C. Bryce, C. Razafimahefa, An Approach to Safe Object Sharing, in OOPSLA 2000.Google Scholar
- 7.C. Bryce, J. Vitek, The JavaSeal Mobile Agent Kernel, to appear in Autonomous Agents and Multi-Agent Systems JournalGoogle Scholar
- 8.Doug Lea. Concurrent Programming in Java: Design principles and patterns, Addison-Wesley. Second edition, November 1999.Google Scholar
- 9.M. Abadi, C. Fournet, G. Gonthier. Authentication Primitives and their Compilation. Proceedings of the 27th ACM Symposium on Principles of Programming Languages (POPL’00), 302–315. January 2000.Google Scholar
- 10.M. Abadi, C. Fournet, G. Gonthier. Secure Communications Processing for Distributed Languages. Proceedings of the 1999 IEEE Symposium on Security and Privacy (S&P’99), 74–88. May 1999.Google Scholar