2005年
Verification for host confidentiality by abstract interpretation in mobile code systems
IET Conference Publications
- ,
- ,
- ,
- 巻
- 号
- 496
- 開始ページ
- 117
- 終了ページ
- 記述言語
- 英語
- 掲載種別
- DOI
- 10.1049/cp:20051603
To resolve the security problems of Java mobile programs, we adapted the technique of type-level abstract interpretation usually applied to verify the bytecode correctness to check the mobile program statically whether it impairs the host confidentiality. Instead of data types, our approach abstractly executes the mobile program at the level of security-level. Based on maintaining a distribution map of security-levels of the data in the mobile program's data containers, our approach detects data-leaking caused by the mobile program just before it tries to send sensitive data out of the host. By this way our approach could make fewer misjudgments that verifies secure mobile programs as malicious ones and be more efficient than the works in R. Barbuti et al., (2002), C. Bernardeschi et al. (2002), and M. Avvenuti et al. (2003).
- リンク情報
- ID情報
-
- DOI : 10.1049/cp:20051603
- SCOPUS ID : 41149112904