
Secure Mediation with Mobile Code

  • Joachim Biskup
  • Barbara Sprick
  • Lena Wiese
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3654)

Abstract

A mediator helps a client of a distributed information system to acquire data without contacting each datasource. We show how mobile code can be used to ensure confidentiality of data in a secure mediation system. We analyze what advantages mobile code has over mobile data for secure mediation. We present a Java implementation of a system that mediates SQL queries. Security risks for the client and the mobile code are delineated; offending the integrity of its own data is identified as a special type of attack of mobile code in a mediation system. We name appropriate countermeasures and describe the amount of trust needed in our system. As an extension, we consider security in a hierarchy of mediators. Finally, we combine mobile code with mobile agent technology.

Keywords

Mobile Agent; Execution Environment; Structure Query Language; Mobile Code; Client Computer
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© IFIP International Federation for Information Processing 2005

Authors and Affiliations

  • Joachim Biskup (1)
  • Barbara Sprick (1)
  • Lena Wiese (1)
  1. Universität Dortmund, Dortmund, Germany
