Towards the safe use of dynamically itinerant software

Mobile code and agent-based technology is being actively investigated for use within military systems. The use of mobile code in these systems could greatly benefit future defense capabilities; however, one must first establish confidence in the secure deployment and use of mobile code before widesp...

Full description

Saved in:
Bibliographic Details
Main Authors: Jochen, M., Anteneh, A.A., Pollock, L.L., Marvel, L.M.
Format: Conference Proceeding
Language:English
Subjects:
Collaborative work
Constraint optimization
Digital signatures
Dynamic program transfor
Government
Intelligent sensors
Laboratories
Mobile agents
Mobile code
Prototypes
Security
Software safety
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Mobile code and agent-based technology is being actively investigated for use within military systems. The use of mobile code in these systems could greatly benefit future defense capabilities; however, one must first establish confidence in the secure deployment and use of mobile code before widespread acceptance of this technology occurs. This is particularly true when a mobile code is permitted to evolve or modify as it moves through a network. Dynamic program transformation or evolution can enable more efficient computation of long running programs on constrained resource hosts by optimizing the computation for the current runtime input, state, and environment. This technology can also potentially provide dynamically updated or modified pro gram functionality. Traditional mobile code validation methods such as checksums and digital signatures is unable to efficiently meet the security needs of this itinerant, evolving software. New validation methods must be constructed in order to allow future mobile codes to avail themselves of the advantages dynamic program modification may provide while mitigating potential security risks. We are developing a framework and prototype system to validate mobile, dynamically-transforming code in a manner which enables the system to restrict how the code can transform as it passes through the network. This system permits modifications to the code based on a user-defined program transformation policy. In this paper, we present the details for our framework to control dynamic program transformation. This framework is the first step towards making dynamically-transforming software a viable technology for future defense systems
ISSN:2155-7578
2155-7586
DOI:10.1109/MILCOM.2005.1605697