Building systems that flexibly control downloaded executable content

Trent Jaeger, Aviel D. Rubin, Atul Prakashy

Research output: Contribution to conferencePaperpeer-review


Downloading executable content, which enables principals to run programs from remote sites, is a key technology in a number of emerging applications, including collaborative systems, electronic commerce, and web information services. However, the use of downloaded executable content also presents serious security problems because it enables remote principals to execute programs on behalf of the downloading principal. Unless downloaded executable content is properly controlled, a malicious remote principal may obtain unauthorized access to the downloading principal's resources. Current solutions either attempt to strictly limit the capabilities of downloaded content or require complete trust in the remote principal, so applications which require intermediate amounts of sharing, such as collaborative applications, cannot be constructed over insecure networks. In this paper, we describe an architecture that flexibly controls the access rights of downloaded content by: (1) authenticating content sources; (2) determining content access rights based on its source and the application that it is implementing; and (3) enforcing these access rights over a wide variety of objects and for the entire computation, even if external software is used. We describe the architecture in the context of an infrastructure for supporting collaborative applications.

Original languageEnglish (US)
StatePublished - Jan 1 1996
Event6th USENIX Security Symposium 1996 - San Jose, United States
Duration: Jul 22 1996Jul 25 1996


Conference6th USENIX Security Symposium 1996
Country/TerritoryUnited States
CitySan Jose

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems
  • Safety, Risk, Reliability and Quality


Dive into the research topics of 'Building systems that flexibly control downloaded executable content'. Together they form a unique fingerprint.

Cite this