Extending Erlang for Safe Mobile Code Execution

  • Lawrie Brown
  • Dan Sahlin
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1726)

Abstract

This paper discusses extensions to the functional language Erlang which provide a secure execution environment for remotely sourced code. This is in contrast to much existing work which has focused on securing procedural languages. Using a language such as Erlang provides a high degree of inherent run-time safety, which means effort can be focused on providing a suitable degree of system safety. We found that the main changes needed were the use of unforgeable (capability) references with access rights to control the use of system resources; the provision of a hierarchy of execution nodes to provide custom views of the resources available and to impose utilisation limits; and support for remote module loading. We then discuss prototype implementations of these changes, used to evaluate their utility and impact on visibility for the users of the language, and mention work in progress using this foundation to specify safety policies by filtering messages to server processes.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Adl-Tabatabai, A.-R., Langdale, G., Lucco, S., Wahbe, R.: Efficient and Language Independent Mobile Programs. SIGPLAN 31(5), 127–136 (1996)CrossRefGoogle Scholar
  2. 2.
    Anderson, M., Pose, R.D., Wallace, C.S.: A Password Capability System. The Computer Journal 29(1), 1–8 (1986)CrossRefGoogle Scholar
  3. 3.
    Armstrong, J.: Erlang - A Survey of the Language and its Industrial Applications. In: INAP 1996 - The 9th Exhibitions and Symposium on Industrial Applications of Prolog, Hino, Tokyo, Japan (October 1996), http://www.ericsson.se/cslab/erlang/publications/inap96.ps.
  4. 4.
    Armstrong, J., Virding, R., Wikstrom, C., Williams, M.: Concurrent Programming in Erlang, 2nd edn. Prentice Hall, Englewood Cliffs (1996), http://www.erlang.org/download/erlangbooktoc.html Google Scholar
  5. 5.
    Armstrong, J.: The Development of Erlang. In: Proceedings of the ACM SIGPLAN International Conference on Functional Programming, pp. 196–203. ACM, New York (1997)CrossRefGoogle Scholar
  6. 6.
    Arnold, K., Gosling, J.: The Java programming Language, 2nd edn. Addison-Wesley, Reading (1998), 0201310066Google Scholar
  7. 7.
    Bellare, M., Canetti, R., Krawczyk, H.: Keyed Hash Functions and Message Authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996), http://www.research.ibm.com/security/keyed-md5.html Google Scholar
  8. 8.
    Brown, L.: Mobile Code Security. In: AUUG 1996 and Asia Pacific World Wide Web 2nd Joint Conference, AUUG, Sydney, Australia, pp. 46–55 (1996), http://www.adfa.edu.au/~lpb/papers/mcode96.html
  9. 9.
    Brown, L.: SSErl - Prototype of a Safer Erlang. Technical Report CS04/97, School of Computer Science, Australian Defence Force Academy, Canberra, Australia (November 1997), http://www.adfa.edu.au/~lpb/papers/tr9704.html
  10. 10.
    Brown, L.: Custom Safety Policies in SSErl. Technical note, School of Computer Science, Australian Defence Force Academy, Canberra, Australia (June 1999), http://www.adfa.edu.au/~lpb/research/sserl/sspol99.html
  11. 11.
    Connolly, D.: Issues in the Development of Distributed Hypermedia Applications (December 1996), http://www.w3.org/OOP/HyperMediaDev
  12. 12.
    Connolly, D.: Mobile Code (December 1996), http://www.w3.org/MobileCode/
  13. 13.
    Dean, D., Felten, E.W., Wallach, D.S.: Java Security: From Hotjava to Netscape and Beyond. In: Proceedings IEEE Symposium on Security and Privacy. IEEE, Los Alamitos (1996), http://www.cs.princeton.edu/sip/pub/secure96.html Google Scholar
  14. 14.
    Hashii, B., Lal, M., Pandey, R., Samorodin, S.: Securing Systems Against External Programs. IEEE Internet Computing 2(6), 35–45 (1998)CrossRefGoogle Scholar
  15. 15.
    Hughes, J.: Why Functional Programming Matters. Computer Journal 32(2), 98–107 (1989), http://www.cs.chalmers.se/~rjmh/Papers/whyfp.ps CrossRefGoogle Scholar
  16. 16.
    Jonsson, I., Naeser, G., Sahlin, D., et al.: Adapting Erlang for Secure Mobile Agents. In: Practical Applications of Intelligent Agents and Multi-Agents: PAAM 1997, London, UK (April 1997), http://www.ericsson.se/cslab/~dan/reports/paam97/final/paam97.ps
  17. 17.
    Krawczyk, H., Bellare, M., Canetti, R.: HMAC: Keyed-Hashing for Message Authentication. Rfc 2104, IETF (February 1997)Google Scholar
  18. 18.
    Leroy, X.: Objective CAML. Technical report, INRIA (1997), http://pauillac.inria.fr/ocaml/
  19. 19.
    Lucco, S., Sharp, O., Wahbe, R.: Omniware: A Universal Substrate for Mobile Code. In: Fourth International World Wide Web Conference, MIT, Cambridge (1995), http://www.w3.org/pub/Conferences/WWW4/Papers/165/ Google Scholar
  20. 20.
    McGraw, G., Felton, E.W.: Java Security: Hostile Applets, Holes, and Antidotes. Wiley, Chichester (1997), 047117842XGoogle Scholar
  21. 21.
    Naeser, G.: Your First Introduction to Safeerlang. Technical report, Dept. Computer Science, Uppsala University, Sweden (January 1997), ftp://ftp.csd.uu.se/pub/papers/masters-theses/0109-naeser.ps.gz
  22. 22.
    Oaks, S.: Java Security. O’Reilly (1998), 1565924037Google Scholar
  23. 23.
    Ousterhout, J.K., Levy, J.Y., Welch, B.B.: The Safe-Tcl Security Model. Technical report, Sun Microsystems Laboratories, Mountain View, CA 94043-1100, USA (November 1996), http://www.sunlabs.com/research/tcl/safeTcl.ps
  24. 24.
    Rubin, A.D., Gee Jr., D.E.: Mobile Code Security. IEEE Internet Computing 2(6), 30–34 (1998)CrossRefGoogle Scholar
  25. 25.
    Sahlin, D.: The Concurrent Functional Programming Language Erlang - An Overview. In: Workshop on Multi-Paradigm Logic Programming, Joint Intl. Conf. and Symposium on Logic Programming, Bonn (1996), http://www.ericsson.se/cslab/~dan/reports/mplp/web/mplp.html
  26. 26.
    Systems, E.: Open Source Erlang Distribution (1999), http://www.erlang.org/
  27. 27.
    Tanenbaum, A.S., van Renesse, R., van Staveren, H., Sharp, G.J., Mullender, S.J., Jansen, J., van Rossum, G.: Experences with the Amoeba Distributed Operating System. Communications of the ACM 33(12), 46–63 (1990)CrossRefGoogle Scholar
  28. 28.
    Thorn, T.: Programming Languages for Mobile Code. ACM Computing Surveys 29(3), 213–239 (1997)CrossRefGoogle Scholar
  29. 29.
    Wallach, D.S., Balfanz, D., Dean, D., Felten, E.W.: Extensible Security Architectures for Java. In: Proceedings of the Symposium on Operating Systems Principles, pp. 116–128. ACM, New York (1997)Google Scholar
  30. 30.
    Wikstrom, C.: Distributed Programming in Erlang. In: PASCO 1994 - First International Symposium on Parallel Symbolic Computation (September 1994), http://www.ericsson.se/cslab/erlang/publications/dist-erlang.ps
  31. 31.
    Yellin, F.: Low Level Security in Java. In: Fourth International World Wide Web Conference. MIT, Cambridge (1995), http://www.w3.org/pub/Conferences/WWW4/Papers/197/40.html Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • Lawrie Brown
    • 1
  • Dan Sahlin
    • 2
  1. 1.School of Computer ScienceAustralian Defence Force AcademyCanberraAustralia
  2. 2.Computer Science LaboratoryEricsson Utvecklings ABÄlvsjöSweden

Personalised recommendations