Abstract
Trust management in a networked environment consists of authentication and integrity checking. In a mobile computing environment, both remote hosts and mobile code are suspect. We present a model that addresses trust negotiation between the remote host and the mobile code simultaneously. Our model uses tamper resistant hardware, public key cryptography, and one-way hash functions.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
K. Arnold and J. Gosling, The Java Programming Language, 2nd ed. (Addison-Wesley).
K. Brockschmidt, Inside OLE, 2nd ed. (Microsoft Press, 1995).
R. Brooks and S. Iyengar, Robust distributed computing and sensing algorithm, IEEE Computer 29(6) (June 1996).
B. DeDecker, F. Piessens, E. Van Hoeymissen and G. Neven, Semitrusted hosts and mobile agents: Enabling secure distributed computations, in: Proc. of the Second International Workshop, MATA 2000, ed. E. Horlait, Paris, France (2000).
FIPA, Foundation for Intelligent Physical Agents, http: //www. fipa.org
J. Fritzlinger and M. Mueller, Java security, Sun Microsystems White Paper (1996) http: //java.sun.com/security/whitepaper.txt
A. Fuggetta, G. Picco and G. Vigna, Understanding code mobility, IEEE Transactions on Software Engineering 24(5) (May 1998).
F. Hohl, An approach to solve the problem of malicious hosts, University of Stuttgart TR 1997-03 (1997).
IBM, Aglets Workbench, http: //www.trl.ibm.co.jp/ aglets/index.html
B. Lampson, A note on the confinement problem, Communications of the ACM 16(10) (October 1974).
P. Lee and G. Necula, Research on proof-carrying code for mobile code security, in: DARPA Workshop on Foundations for Secure Mobile Code (March 1997).
S. Loureiro and R. Molva, Function hiding based on error correcting codes, in: Proceedings of the International Workshop on Cryptographic Techniques and Electronic Commerce (July 1999).
S. Loureiro and R. Molva, Mobile code protection with smartcards, in: Proceedings of ECOOP 2000 Workshop on Mobile Object Systems, Cannes, France (June 2000).
G. Necula, Proof-carrying code, in: Proceedings of the 24th ACM Symposium on Principles of Programming Languages, ed. N. Jones, Paris, France (1997).
S. Pleisch, State of the art of mobile agent computing: Security, fault tolerance, and transaction support, IBM Research Technical Report, RZ3152 (1999).
T. Ramabadran and S. Gaitonde, A tutorial on CRC computations, IEEE Micro (August 1988).
A. Rubin and D. Geer, Mobile code security, IEEE Internet (November/ December 1998).
T. Sander and C. Tschudin, Towards mobile cryptography, in: Proc. 1998 IEEE Symposium on Security and Privacy (1998).
B. Schneier, Applied Cryptography (Wiley, 1994).
H. Shrobe and J. Doyle, Active trust management for autonomous adaptive survivable systems (ATMs for AAss's), in: Proc. International Workshop on Self-Adaptive Software (April 2000).
D. Solomon, Inside Windows NT, 2nd ed. (Microsoft Press, 1998).
W. Stallings, Network Security Essentials: Applications and Standards (Prentice-Hall, 2000).
D. Wong, N. Paciorek and D. Moore, Java based mobile agents, Communications of the ACM 42(3) (March 1999).
B. Yee, Using secure coprocessors, Carnegie Mellon University School of Computer Science Technical Report, CMU-CS-94-149 (1994).
Author information
Authors and Affiliations
Rights and permissions
About this article
Cite this article
Zachary, J., Brooks, R. Bidirectional Mobile Code Trust Management Using Tamper Resistant Hardware. Mobile Networks and Applications 8, 137–143 (2003). https://doi.org/10.1023/A:1022281014117
Issue Date:
DOI: https://doi.org/10.1023/A:1022281014117