Flexible security model for using Internet content

Rangachari Anand; Nayeem Islam; Trent Jaeger; Josyula R. Rao

Flexible security model for using Internet content

Rangachari Anand, Nayeem Islam, Trent Jaeger, Josyula R. Rao

Research output: Contribution to journal › Conference article › peer-review

Abstract

Java applets, Netscape plug-ins and ActiveX controls have led to the popularization of a new paradigm: extensive downloading of executable code into applications to enhance the functionality of the desktop. One of the problems with this paradigm is the need to control the access rights of the downloaded content. In this paper, we describe a system for downloading content front the Internet and controlling its actions on a client machine. Our system generates a protection domain for the downloaded content dynamically using the content's requested domain and a policy database that describes the user's trust in the content's manufacturer and type. Our system ensures that this protection domain is enforced throughout the execution of the content. We have modified the Java Virtual Machine to implement our security model. Our implementation, called Flexxguard, is freely available at http://www.alphaworks.ibm.com.

Original language	English (US)
Pages (from-to)	89-96
Number of pages	8
Journal	Proceedings of the IEEE Symposium on Reliable Distributed Systems
State	Published - Dec 1 1997
Event	Proceedings of the 1997 IEEE 16th Symposium on Reliable Distributed Systems - Durham, NC, USA Duration: Oct 22 1997 → Oct 24 1997

All Science Journal Classification (ASJC) codes

Software
Theoretical Computer Science
Hardware and Architecture
Computer Networks and Communications

Cite this

@article{30b0274e29314bccb660f87ab91ca53d,

title = "Flexible security model for using Internet content",

abstract = "Java applets, Netscape plug-ins and ActiveX controls have led to the popularization of a new paradigm: extensive downloading of executable code into applications to enhance the functionality of the desktop. One of the problems with this paradigm is the need to control the access rights of the downloaded content. In this paper, we describe a system for downloading content front the Internet and controlling its actions on a client machine. Our system generates a protection domain for the downloaded content dynamically using the content's requested domain and a policy database that describes the user's trust in the content's manufacturer and type. Our system ensures that this protection domain is enforced throughout the execution of the content. We have modified the Java Virtual Machine to implement our security model. Our implementation, called Flexxguard, is freely available at http://www.alphaworks.ibm.com.",

author = "Rangachari Anand and Nayeem Islam and Trent Jaeger and Rao, {Josyula R.}",

year = "1997",

month = dec,

day = "1",

language = "English (US)",

pages = "89--96",

journal = "Proceedings of the IEEE Symposium on Reliable Distributed Systems",

issn = "1060-9857",

publisher = "IEEE Computer Society",

note = "Proceedings of the 1997 IEEE 16th Symposium on Reliable Distributed Systems ; Conference date: 22-10-1997 Through 24-10-1997",

}

TY - JOUR

T1 - Flexible security model for using Internet content

AU - Anand, Rangachari

AU - Islam, Nayeem

AU - Jaeger, Trent

AU - Rao, Josyula R.

PY - 1997/12/1

Y1 - 1997/12/1

N2 - Java applets, Netscape plug-ins and ActiveX controls have led to the popularization of a new paradigm: extensive downloading of executable code into applications to enhance the functionality of the desktop. One of the problems with this paradigm is the need to control the access rights of the downloaded content. In this paper, we describe a system for downloading content front the Internet and controlling its actions on a client machine. Our system generates a protection domain for the downloaded content dynamically using the content's requested domain and a policy database that describes the user's trust in the content's manufacturer and type. Our system ensures that this protection domain is enforced throughout the execution of the content. We have modified the Java Virtual Machine to implement our security model. Our implementation, called Flexxguard, is freely available at http://www.alphaworks.ibm.com.

AB - Java applets, Netscape plug-ins and ActiveX controls have led to the popularization of a new paradigm: extensive downloading of executable code into applications to enhance the functionality of the desktop. One of the problems with this paradigm is the need to control the access rights of the downloaded content. In this paper, we describe a system for downloading content front the Internet and controlling its actions on a client machine. Our system generates a protection domain for the downloaded content dynamically using the content's requested domain and a policy database that describes the user's trust in the content's manufacturer and type. Our system ensures that this protection domain is enforced throughout the execution of the content. We have modified the Java Virtual Machine to implement our security model. Our implementation, called Flexxguard, is freely available at http://www.alphaworks.ibm.com.

UR - http://www.scopus.com/inward/record.url?scp=0031358966&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0031358966&partnerID=8YFLogxK

M3 - Conference article

AN - SCOPUS:0031358966

SN - 1060-9857

SP - 89

EP - 96

JO - Proceedings of the IEEE Symposium on Reliable Distributed Systems

JF - Proceedings of the IEEE Symposium on Reliable Distributed Systems

T2 - Proceedings of the 1997 IEEE 16th Symposium on Reliable Distributed Systems

Y2 - 22 October 1997 through 24 October 1997

ER -

Flexible security model for using Internet content

Abstract

All Science Journal Classification (ASJC) codes

Other files and links

Fingerprint

Cite this