D. Hagimont and L. Ismail. A Protection Scheme for Mobile Agents on Java. In Proceedings of the International Conference on Mobile Computing and Networking, 1997.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....plays the role of the Security Manager. It uses the SecurityToken of the applet to determine the capabilities of that applet, throwing a security exception if the needed capability is not there. Other capability systems have been proposed by JavaSoft, Electric Communities, and Hagimont and Ismail [29]. Similarly, Nagaratnam and Byrne [30] provide a more flexible mechanism for controlling accesses to resources. Our approach differs from these works in that we propose a framework for implementing various security models and policies, including the ones implemented in [28]and[30] Sun redesigned ....

Hagimont D, Ismail L. A protection scheme for mobile agents on Java. Mobicom '97, Budapest, Hungary. ACM, 1997; 215--222.

....of how a series of byte codes has to be changed to for instance implement authentication will be even harder. Checking and debugging the result will also be dicult. 12 There is also research into a more declarative description of security properties for an application [Evans and Twyman, 1999, Hagimont and Ismail, 1997]. This corresponds to an aspect oriented language of the rst type of section 2. The real challenge here is to think of the right abstractions the description will consist of. This is not at all an evident matter, certainly if a goal is to be generic. We think it is better to rst experiment with a ....

Hagimont, D. and Ismail, L. (1997). A Protection Scheme for Mobile Agents on Java. In Proceedings of the International Conference on Mobile Computing and Networking.

....personalized tours, language translation, note taking, synchronous communication and group interaction. Some concrete services suggested were Cartographer, Librarian, Navigator, and Messenger. Many more applications are well covered by the model, even if mobile IT use is not on their agenda. Hagimont and Ismail (1997) describe a protection scheme for mobile agents, in which access to objects is controlled by means of mutually suspicious agents. It is concerned with the use of mobile code to support stationary work. It is still possible to apply the model to the use of the protection scheme, for instance in the ....

D. Hagimont and L. Ismail., "A protection scheme for mobile agents on Java," In Proceedings of MobiCom: International Conference on Mobile Computing and Networking, Budapest, Hungary, pp. 215-222, 1997.

....previous system components to get the local replica. Another stub extension (called lgtp) modifies the normal gtp extension, in order to always send messages to the local site (i.e. to the local replica, and not to the original component) Component protection by hidden software capabilities (see [3] for details) can be implemented by using filters between a client and a server. A client filter essentially sets the access rights the client wish to give on the objects it exports. For this, a client filter installs server filters on each exported object. A server filter essentially checks that ....

D. Hagimont, and L. Ismail, "A Protection Scheme for Mobile Agents on Java", Proc. Third ACM/IEEE Int. Conf on Mobile Computing and Networking (MobiCom'97), Budapest, September 1997.

....the 25 JVM [62] Agent Tcl provides some basic security support [28, 44] the Mole project [9] and Concordia addresses security together with persistence. M0 [75] and Voyager [26] investigate mobile agents as mobile objects. A capability based system is suggested in work by Hagimont and Ismail [31] and protection of an agent application is researched in [64] A new capability based system was developed by Shapiro et al. 67] Bryce and Vitek developed a mobile agent kernel that addresses Java security limitations [16] Security of mobile agents has been presented in a book by Vigna [76] A ....

D. Hagimont, and L. Ismail, "A Protection Scheme for Mobile Agents on Java," Proceedings of the 3rd ACM/IEEE International Conference on Mobile Computing and Networking, September 1997.

....object plays the role of the Security Manager. It uses the SecurityToken of the applet to determine the capabilities of that applet, throwing a security exception if the needed capability is not there. Other capability systems have been proposed by JavaSoft, Electric Communities, and [16]. Similarly, the approach in [28] provides a more exible mechanisms for controlling accesses to resources. Our approach di ers from these works in that we propose a framework for implementing various security models and policies, including the ones implemented in [20] and [28] Sun redesigned ....

D. Hagimont and L. Ismail. A protection scheme for mobile agents on Java. In Mobicom '97, pages 215-222, Budapest, Hungary, 1997. ACM.

....object plays the role of the Security Manager. It uses the SecurityToken of the applet to determine the capabilities of that applet, throwing a security exception if the needed capability is not there. Other capability systems have been proposed by JavaSoft, Electric Communities, and [10]. Similarly, the approach in [18] provides a more flexible mechanisms for controlling accesses to resources. Our approach differs from these works in that we propose a framework for implementing various security models and policies (including the ones implemented in [13] and [18] Sun recently ....

D. Hagimont and L. Ismail. A protection scheme for mobile agents on java. In Mobicom '97, pages 215--222, Budapest, Hungary, 1997. ACM.

....language based protection, calls across protection boundaries could potentially be as cheap as simple function calls, enabling as much communication between components as desired without performance drawbacks. But language based protection alone does not make an operating system. Several projects [1, 2, 3, 8, 11, 14, 35] have recently described how to build protection domains around components in a safe language environment. The central idea is to use object references (i.e. pointers to objects) as capabilities for cross domain communication. Object references in safe languages are unforgeable and can thus be ....

....distributed systems. E s security architecture is capability based; programmers are encouraged to use object references as the fundamental building block for protection. Odyssey [11] is a system that supports mobile agents written in Java; agents may share Java objects directly. Hagimont et al. [14] describe a system to support capabilities defined with special IDL files. All three of these systems allow non capability objects to be passed directly between domains, and generally correspond to the share anything approach described in Section 2. They do not address the issues of revocation, ....

D. Hagimont, and L. Ismail. A Protection Scheme for Mobile Agents on Java. 3rd Annual ACM/IEEE Int'l Conference on Mobile Computing and Networking, Budapest, Hungary, September 2630, 1997.

....translation, note taking, synchronous communication and group interaction. Some concrete services suggested were: Cartographer, Librarian, Navigator, and Messenger. Many more applications are well covered by the model, even if mobile IT use is not on their agenda. Hagimont and Ismail [5] describe a protection scheme for mobile agents, in which access to objects is controlled by means of mutually suspicious agents. It is concerned with the use of mobile code to support stationary work. It is still possible to apply the model to the use of the protection scheme, for instance ....

D. Hagimont and L. Ismail., "A protection scheme for mobile agents on Java," In Proceedings of MobiCom: International Conference on Mobile Computing and Networking, Budapest, Hungary, pp. 215-222, 1997.

....note taking, synchronous communication and group interaction. Some concrete services suggested were Cartographer, Librarian, Navigator, and Messenger. Lecture Notes in Computer Science 14 Many more applications are well covered by the model, even if mobile IT use is not on their agenda. Hagimont and Ismail (1997) describe a protection scheme for mobile agents, in which access to objects is controlled by means of mutually suspicious agents. It is concerned with the use of mobile code to support stationary work. It is still possible to apply the model to the use of the protection scheme, for instance in the ....

Hagimont, D. & L. Ismail., "A protection scheme for mobile agents on Java," In Proceedings of MobiCom: International Conference on Mobile Computing and Networking, Budapest, Hungary, pp. 215-222, 1997.

....The concept of proxies was first developed by Shapiro [22] We use proxies to act as capabilities. These may include the identity of the client, thus acting as identity based capabilities [4] and may also contain accounting information, as suggested in [18] The protection scheme described in [7] has some conceptual similarities to our approach. In [7] the restricted interfaces of proxy classes are statically defined, independently by clients and servers, and automatically interposed in a client server interaction. In contrast, Ajanta supports dynamic definition as well as modification ....

....[22] We use proxies to act as capabilities. These may include the identity of the client, thus acting as identity based capabilities [4] and may also contain accounting information, as suggested in [18] The protection scheme described in [7] has some conceptual similarities to our approach. In [7], the restricted interfaces of proxy classes are statically defined, independently by clients and servers, and automatically interposed in a client server interaction. In contrast, Ajanta supports dynamic definition as well as modification of access privileges assigned to an agent through a proxy. ....

Daniel Hagimont and Leila Ismail. A Protection Scheme for Mobile Agents on Java. In Proceedings of the 3rd ACM/IEEE International Conference on Mobile Computing and Networking, September 1997.

....act as capabilities. A proxy may include the identity of the client, and thus act as an identity based capability[6] One of the contributions of our work lies in supporting proxy based capabilities whose integrity can be assured based on Java s security model. The protection scheme described in [12] has some conceptual similarities to our approach. Both schemes use proxy objects acting as capabilities, instead of direct access to resources. In [12] the restricted interfaces of such proxy classes (called filters) are statically defined, independently by clients and servers. These filters are ....

....work lies in supporting proxy based capabilities whose integrity can be assured based on Java s security model. The protection scheme described in [12] has some conceptual similarities to our approach. Both schemes use proxy objects acting as capabilities, instead of direct access to resources. In [12], the restricted interfaces of such proxy classes (called filters) are statically defined, independently by clients and servers. These filters are integrated with the resource interface definitions; this allows the system to automatically create and interpose appropriate filter objects in ....

D. Hagimont and L. Ismail. A Protection Scheme for Mobile Agents on Java. In Proceedings of the 3rd International Conference on Mobile Computing and Networking, September 1997.

....control lists (called allowances ) to impose restrictions on visiting agents. For protected access to server resources by an agent, our approach is based on the concept of proxies. The proxy concept was first developed by Shapiro[21] It has also been recently used in other agent based systems[8]. We use proxies to act as capabilities. These capabilities may include the identity of the client, to act as an identity based capability[5] and may also include some accounting information, as suggested in [17] One of the contributions of our work lies in supporting proxy based capabilities ....

....to act as an identity based capability[5] and may also include some accounting information, as suggested in [17] One of the contributions of our work lies in supporting proxy based capabilities whose integrity can be assured based on Java s security model. The protection scheme described in [8] has some conceptual similarities to our approach. Both schemes use proxy objects acting as capabilities instead of direct access to resources. In [8] the restricted interfaces of such proxy classes (called filters in [8] are statically defined, independently by clients and servers. These ....

[Article contains additional citation context not shown here]

Daniel Hagimont and Leila Ismail. A Protection Scheme for Mobile Agents on Java. In Proceedings of the 3rd ACM/IEEE International Conference on Mobile Computing and Networking, September 1997.

....current design relies on explicit access control checks, and thus fails to separate functionality from protection. Furthermore, as access checks need to walk the entire call stack, the performance impact of extended stack introspection on extensible systems is still unclear. Hagimont and Ismail [17] describe an alternative design for access control in Java which provides for a separate description of security constraints through an extended interface definition language. In their design, security constraints are expressed as part of the interface specification for each extension, and result ....

D. Hagimont and L. Ismail. A Protection Scheme for Mobile Agents on Java. In Proceedings of the Third Annual ACM/IEEE International Conference on Mobile Computing and Networking, Budapest, Hungary, September 1997.

....of the JDK security model to multiprocessing, and they rely on the existing, limited JDK infrastructure for resource control. E [19] is a set of extensions to Java that support the use of object references as capabilities. They check these capabilities at load time. Hagimont and Ismail [27] describe a different implementation of capabilities that uses an IDL to define protection views on objects. The implementation of capabilities in their design is similar to that used in the JKernel. The Echidna system [25] is a freely available class library that supports multiple processes in ....

D. Hagimont and L. Ismail. A protection scheme for mobile agents on Java. In Proc. of the Workshop on Persistence and Distribution in Java, Lisbon, Portugal, Oct. 1997.

....to the IDL for application protection. For example, it will be interesting to experiment with extensions for administrating access rights in protection domains (as proposed in section 2. 5) Second, we are currently experimenting with Hidden Software Capabilities applied to a Java environment [Hagimont 97] The idea is basically to allow servers to execute untrusted mobile agents written in Java. Access to objects managed by a server is controlled by capabilities that are invisible to agent programs. Acknowledgments: P. Dechamboux, J. Han, T. Jacquin, C. Jensen, A. Knaff, E. P rez Cort s, X. ....

D. Hagimont, L. Ismail. A Protection Scheme for Mobile Agents on Java, 3rd ACM/IEEE International Conference on Mobile Computing and Networking (To Appear), September 1997.

....Software Capabilities. Finally, the main idea of separating protection management from application code is not restricted to SASOS systems. The general applicability of our protection model is currently under investigation in the context of CORBA [HHM97] and a mobile agent environment using Java [HI97] Acknowledgments P. Dechamboux, J. Han, T. Jacquin, A. Knaoe, J. Mossi#re, E. P#rez Cort#s, X. Rousset and F. Saunier contributed to the design of the Arias system, including the work described in this paper. We would like to extend special thanks to S. Krakowiak and J. Mossi#re for their ....

D. Hagimont and L. Ismail. A protection scheme for mobile agents on java. In Proceedings of the 3rd Anual ACM/IEEE International Conference on Mobile Computing and Networking, pages 215222, 1997.

No context found.

D. Hagimont and L. Ismail. A Protection Scheme for Mobile Agents on Java. In Proceedings of the International Conference on Mobile Computing and Networking, 1997.

No context found.

Daniel Hagimont and Leila Ismail. A protection scheme for mobile agents on Java. In Mobile Computing and Networking, pages 215-222, 1997.

No context found.

D. Hagimont, and L. Ismail, "A Protection Scheme for Mobile Agents on Java," Proceedings of the 3rd ACM/IEEE International Conference on Mobile Computing and Networking, September 1997.

No context found.

Daniel Hagimont and Leila Ismail. A protection scheme for mobile agents on java. In Mobile Computing and Networking, pages 215--222, 1997.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC