Security of Mobile Code

Security of Mobile Code

Zbigniew Kotulski (Polish Academy of Sciences, Poland & Warsaw University of Technology, Poland) and Aneta Zwierko (Warsaw University of Technology, Poland)
Copyright: © 2009 |Pages: 17
DOI: 10.4018/978-1-60566-054-7.ch197
OnDemand PDF Download:
$37.50

Abstract

The recent development in the mobile technology (mobile phones, middleware, wireless networks, etc.) created a need for new methods of protecting the code transmitted through the network. The oldest and the simplest mechanisms concentrate more on integrity of the code itself and on the detection of unauthorized manipulation. The newer solutions not only secure the compiled program, but also the data, that can be gathered during its “journey,” and even the execution state. Some other approaches are based on prevention rather than detection. In this chapter we present a new idea of securing mobile agents. The proposed method protects all components of an agent: the code, the data, and the execution state. The proposal is based on a zero-knowledge proof system and a secure secret sharing scheme, two powerful cryptographic primitives. Next, the chapter includes security analysis of the new method and its comparison to other currently more widespread solutions. Finally, we propose a new direction of securing mobile agents by straightening the methods of protecting integrity of the mobile code with risk analysis and a reputation system that helps avoiding a high-risk behavior.

Complete Chapter List

Search this Book:
Reset