Cited By
View all- Huang TShieh CMiao Y(2009)Dual-Mode Execution Environment for active networkJournal of Systems Architecture10.1016/j.sysarc.2009.03.00355:5-6(317-331)Online publication date: May-2009
Towards a secure platform for distributed mobile object computing
Pages 56 - 73
Abstract
We present some issues relevant to the design of a secure platform for distributed mobile computing, that goes beyond existing ad-hoc approaches to software mobility. This platform aims to support wide-area computing applications such as active network infrastructures or network supervision tools. Our contribution is two-fold: the first part of the paper is a survey of the security features of a few languages and virtual machines as regards authentication, access control, and communications security. We then discuss a possible architecture for a secure virtual machine for distributed mobile computing based on interesting features found in the implementations studied.
References
[1]
{1} M. Abadi, M. Burrows, L. van Doorn, E. Wobber. Secure Network Objects. In Proceedings of the 1996 IEEE Symposium on Security and Privacy, May 1996.
[2]
{2} M. Abadi, A. Gordon. A Calculus for Cryptographic Protocols: The Spi Calculus. SRG Research Report 149, Digital Equipment Corporation Systems Research Center, January 1998.
[3]
{3} M. Abadi, C. Fournet, G. Gonthier. Secure Implementation of Channel Abstractions. In Proceedings of the 1999 IEEE Symposium on Security and Privacy, April 1999.
[4]
{4} M. Ancona, W. Cazzola, E. Fernandez. A History-Dependent Access Control Mechanism Using Reflection. In Fifth Mobile Object Systems Workshop, Lisbon, Portugal, 14 June 1999.
[5]
{5} M. Ancona, W. Cazzola, E. Fernandez. Reflective Authorization Systems: Possibilitie, Benefits and Drawbacks. In Jan Vitek (ed.), Christian Jensen (ed.), Security Issues for Distributed and Mobile Objects, Fourth International Workshop, MOS'98 Brussels, Belgium, July 1998.
[6]
{6} A. Birrell, G. Nelson, S. Owicki, E. Wobber. Network Objects. SRC Research Report 115, Digital Equipment Corporation Systems Research Center, 1994.
[7]
{7} L. Cardelli. Obliq: a language with distributed scope. In Proc. ACM Principles of Prog. Lang., 1995.
[8]
{8} L. Cardelli. Type Systems. In A. Tucker (ed.), The Computer Science and Engineering Handbook, CRC Press, 1997.
[9]
{9} D. Chizmadia. A Quick Tour of the CORBA Security Service. In Information Security Bulletin, September 1998.
[10]
{10} G. Coulouris, J. Dollimore, T. Kindberg. Distributed Systems: Concepts and Design, Addisson-Wesley, 1994.
[11]
{11} R. Chow, T. Johnson. Distributed Operating Systems and Algorithms, Adison-Wesley, 1997.
[12]
{12} G. Cugola, C. Ghezzi, G. P. Picco, G. Vigna. Analyzing Mobile Code Languages, Lect. Notes in Comp. Sci. 1222, 1997. In J. Vitek (ed.), C. Tschudin (ed.), Mobile Object Systems: Towards the Programmable Internet, Second International Workshop MOS'96, Linz, Austria, 8-9 July 1996.
[13]
{13} M. Dageforde. Security in JDK 1.2. In Mary Campione et al., The Java Tutorial Continued: The Rest of the JDK, Addison-Wesley, 1998.
[14]
{14} B. Dumant, F. Dang Tran, F. Horn, J. B. Stefani. Jonathan: an Open Distributed Platform in Java. In Proceedings IFIP International Conference Middleware '98, Lake District, UK, September 1998.
[15]
{15} L. Gong, M. Mueller, H. Prafullchandra, R. Schemers. Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit 1.2. In Proceedings of the USENIX Symposium on Internet Technologies and Systems, Monterey, California, December 1997.
[16]
{16} M. Lacoste. Introducing the French RNRT MARVEL Project. In Fifth Mobile Object Systems Workshop, Lisbon, Portugal, 14 June 1999.
[17]
{17} National Institute of Standards and Technology. An Introduction to Computer Security: the NIST Handbook. Special Publication 800-12, 1996.
[18]
{18} R. Needham, M. Schroeder. Using Encryption for Authentication in Large Network of Computers. In Comm. ACM, vol. 21, pp. 993-999, 1978.
[19]
{19} Object Management Group. Common Object Request Broker Architecture: Security Service Specification, December 1998. OMG document 98-12-12.
[20]
{20} T. Olovsson. A Structured Approach to Computer Security. Technical Report, Chalmers University of Technology, Department of Computer Engineering, Gothenburg, Sweden, 1992.
[21]
{21} R. Orfali, D. Harkey, J. Edwards. Instant CORBA, Wiley, 1997.
[22]
{22} B. Pierce, D. Turner. Pict: A Programming Language Based on the Pi-Calculus. Indiana University Technical Report, 1997.
[23]
{23} P. Sinha. Distributed Operating Systems: Concepts and Design, IEEE Computer Society Press, 1997.
[24]
{24} J. Steiner, C. Neuinan, J. Schiller. Kerberos: an Authentication Service for Open Network Systems. In Proc. Usenix Winter Conf., Berkeley, 1988.
[25]
{25} J. Vitek, M. Serrano, D. Thanos. Security and Communications in Mobile Object Systems. In J. Vitek (ed.), C. Tschudin (ed.), Mobile Object Systems: Towards the Programmable Internet, Lect. Notes in Comp. Sci. 1222, Springer-Verlag, April 1997.
[26]
{26} J. Vitek, G. Castagna. Seal: A Framework for Secure Mobile Computations. In Internet Programming Languages, 1999.
Index Terms
- Towards a secure platform for distributed mobile object computing
Recommendations
Towards secure mobile cloud computing: A survey
Mobile cloud computing is gaining popularity among mobile users. The ABI Research predicts that the number of mobile cloud computing subscribers is expected to grow from 42.8 million (1.1% of total mobile users) in 2008 to 998 million (19% of total ...
Towards automated provisioning of secure virtualized networks
CCS '07: Proceedings of the 14th ACM conference on Computer and communications securityWe describe a secure network virtualization framework that helps realize the abstraction of Trusted Virtual Domains (TVDs), a security-enhanced variant of virtualized network zones. The framework allows groups of related virtual machines running on ...
Cognitive distributed computing: a new approach to distributed data centres with self-managing services on commodity hardware
New computing, management and programming models with a novel distributed intelligent managed element DIME network architecture are used to provide end-to-end service visibility and control across distributed physical or virtual infrastructure. ...
Comments
Information & Contributors
Information
Published In
April, 2000
138 pages
Copyright © 2000 Author.
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 01 April 2000
Published in SIGOPS Volume 34, Issue 2
Check for updates
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 728Total Downloads
- Downloads (Last 12 months)7
- Downloads (Last 6 weeks)1
Reflects downloads up to 13 Nov 2024
Other Metrics
Citations
Cited By
View all- Huang TShieh CMiao Y(2009)Dual-Mode Execution Environment for active networkJournal of Systems Architecture10.1016/j.sysarc.2009.03.00355:5-6(317-331)Online publication date: May-2009
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in