標題: | Protecting network users in mobile code systems |
作者: | Shieh, SP Yang, WH 資訊工程學系 Department of Computer Science |
關鍵字: | mobile code;remote execution;Java;Internet security;World Wide Web;access control;flow control |
公開日期: | 1-二月-2004 |
摘要: | Conventional access control mechanisms are rather insensitive to occurrences of context-dependent illegal accesses. Insensitivity to context-dependent accesses may lead to failure to protect network users and resources. Context-dependent illegal accesses resulting from data and privilege flows in open networks cannot be prevented by either authentication or access control mechanisms since unauthorized access need not be attempted. In this paper we present a protection model which tracks data and privilege flows in mobile code systems. It can uniformly define various types of illegal access patterns and has the advantage of preventing context-dependent illegal accesses such as those caused by inadvertent execution of remote mobile code containing viruses or Trojan Horses. The proposed flow control model is expected to complement the conventional model for access control. (C) 2003 Elsevier Inc. All rights reserved. |
URI: | http://dx.doi.org/10.1016/j.jpdc.2003.09.008 http://hdl.handle.net/11536/27094 |
ISSN: | 0743-7315 |
DOI: | 10.1016/j.jpdc.2003.09.008 |
期刊: | JOURNAL OF PARALLEL AND DISTRIBUTED COMPUTING |
Volume: | 64 |
Issue: | 2 |
起始頁: | 191 |
結束頁: | 200 |
顯示於類別: | 期刊論文 |