The Safe-Tcl Security Model

Lévy, Julien; Demailly, Laurent; Ousterhout, John K.; Welch, Brent

doi:10.1007/3-540-68671-1_12

Cited by 68 publications

(40 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This framework will then be used to define some general attack classes, which can then be instantiated on particular systems. The definitions presented in this section were obtained by the analysis of a number of existing systems and their security models [8,9,12,14], as well as by the OMG's MASIF specification [10].…”

Section: General Framework For the Analysismentioning

confidence: 99%

Evaluating the Security of Three Java-Based Mobile Agent Systems

2001

View full text Add to dashboard Cite

Abstract. The goal of mobile agent systems is to provide a distributed computing infrastructure supporting applications whose components can move between different execution environments. The design and implementation of mechanisms to relocate computations requires a careful assessment of security issues. If these issues are not addressed properly, mobile agent technology cannot be used to implement real-world applications. This paper describes the initial steps of a research effort to design and implement security middleware for mobile code systems in general and mobile agent systems in particular. This initial phase focused on understanding and evaluating the security mechanisms of existing mobile agent systems. The evaluation was performed by deploying several mobile agents systems in a testbed network, implementing attacks on the systems, and evaluating the results. The long term goal for this research is to develop guidelines for the security analysis of mobile agent systems and to determine if existing systems provide the security abstractions and mechanisms needed to develop real-world applications.

show abstract

Section: General Framework For the Analysismentioning

confidence: 99%

Evaluating the Security of Three Java-Based Mobile Agent Systems

2001

View full text Add to dashboard Cite

show abstract

“…The Tcl enforcement module is implemented with Safe Tcl. Safe Tcl is a Tcl extension that is designed to allow the safe execution of untrusted Tcl scripts [18,21]. Safe Tcl provides two interpreters.…”

Section: Authorization and Enforcementmentioning

confidence: 99%

“…After that, the Java agent corresponds exactly to the Tcl agent. It turns on digital signatures (lines 4-5), registers with the agent system (lines 7-8), migrates to the location of the search engine (lines 10-11), performs the multi-step query (lines [13][14][15][16][17][18], and returns home (lines [20][21][22]. As with the Tcl examples, error-checking and some initialization code have been omitted.…”

Section: Figmentioning

confidence: 99%

“…Aside from the creation of the initial Agent instance, the Java code corresponds exactly to the Tcl code. After registering with the agent system, it requests access to the needed system resources (lines 7-13), waits for a query (lines [18][19][20][21], and makes sure that the querying agent is on the same machine (line [23][24][25][26] and has an allowed, authenticated owner (lines 28-36). As with the Java retrieval agent, error-checking, some initialization code, and the definition of the enclosing class and method have been omitted.…”

Section: Figmentioning

confidence: 99%

See 1 more Smart Citation

D’Agents: Security in a Multiple-Language, Mobile-Agent System

Gray

Kotz

Cybenko

et al. 1998

Lecture Notes in Computer Science

119

View full text Add to dashboard Cite

Abstract. Mobile-agent systems must address three security issues: protecting an individual machine, protecting a group of machines, and protecting an agent. In this chapter, we discuss these three issues in the context of D'Agents, a mobile-agent system whose agents can be written in Tcl, Java and Scheme. (D'Agents was formerly known as Agent Tcl.) First we discuss mechanisms existing in D'Agents for protecting an individual machine: (1) cryptographic authentication of the agent's owner, (2) resource managers that make policy decisions based on the owner's identity, and (3) secure execution environments for each language that enforce the decisions of the resource managers. Then we discuss our planned market-based approach for protecting machine groups. Finally we consider several (partial) solutions for protecting an agent from a malicious machine.

show abstract

“…Mobile agents can gain unauthorized access to confidential data on the platform if they can bypass the platform's security policy. Several techniques have been proposed for protecting the agent platform, namely Signed Code [22], Proof Carrying Code [42], Path Histories [46], Authorization Certificates [59], Safe Code Interpretation [47], State Appraisal [29], and Software-based Fault Isolation [60]. Some of these techniques aim at authenticating the mobile agent or the source of the agent, while others are focused on safe code execution.…”

Section: Securitymentioning

confidence: 99%

Outdoor Distributed Computing with Split Smart Messages

Ravi

Iftode

Reliable Systems on Unreliable Networked Platforms

View full text Add to dashboard Cite

Abstract. In this paper, we exemplify outdoor distributed computing and point out the key challenges. We present Split Smart Messages, a lightweight, portable, network failure resilient and relatively secure middleware that enables a large subset of outdoor distributed computing applications. We also present a Service Discovery, Interaction and Payment Protocol (SDIPP) tailored for mobile phones. We evaluate our middleware and protocol on Sony Ericsson P900 phones and present experimental results.

show abstract

The Safe-Tcl Security Model

Cited by 68 publications

References 7 publications

Evaluating the Security of Three Java-Based Mobile Agent Systems

Evaluating the Security of Three Java-Based Mobile Agent Systems

D’Agents: Security in a Multiple-Language, Mobile-Agent System

Outdoor Distributed Computing with Split Smart Messages

Contact Info

Product

Resources

About