Programming languages for mobile code

Sun's announcement of the programming language Java more that anything popularized the notion of mobile code, that is, programs traveling on a heterogeneous network and automatically executing upon arrival at the destination. We describe several classes of mobile code and extract their common characteristics, where security proves to be one of the major concerns. With these characteristics as reference points, we examine six representative languages proposed for mobile code. The conclusion of this study leads to our recommendations for future work, illustrated by examples of ongoing research.

[1]  Edward Wobber,et al.  Network objects , 1994, SOSP '93.

[2]  Luca Cardelli,et al.  A language with distributed scope , 1995, POPL '95.

[3]  Ken Arnold,et al.  The Java Programming Language , 1996 .

[4]  Jacques Malenfant,et al.  On the semantic diversity of delegation-based programming languages , 1995, OOPSLA.

[5]  Guy L. Steele,et al.  The Java Language Specification , 1996 .

[6]  David A. Schmidt,et al.  Denotationaisemantics: a methodology for language development , 1986 .

[7]  Geoffrey Smith,et al.  A Sound Type System for Secure Flow Analysis , 1996, J. Comput. Secur..

[8]  Nathaniel S. Borenstein,et al.  EMail With A Mind of Its Own: The Safe-Tcl Language for Enabled Mail , 1994, ULPAA.

[9]  François Rouaix A Web Navigator with Applets in Caml , 1996, Comput. Networks.

[10]  Peter J. Denning,et al.  Certification of programs for secure information flow , 1977, CACM.

[11]  Mads Dam Analysis and verification of multiple-agent languages : 5th LOMAPS Workshop, Stockholm, Sweden, June 24-26, 1996 : selected papers , 1997 .

[12]  Flemming Nielson,et al.  Semantics with applications - a formal introduction , 1992, Wiley professional computing.

[13]  Robert Wahbe,et al.  Efficient and language-independent mobile programs , 1996, PLDI '96.

[14]  W.J. Hansen Enhancing documents with embedded programs: how Ness extends insets in the Andrew ToolKit , 1990, Proceedings. 1990 International Conference on Computer Languages.

[15]  Daniel Le Métayer,et al.  Compile-Time Detection of Information Flow in Sequential Programs , 1994, ESORICS.

[16]  Hemma Prafullchandra,et al.  Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit 1.2 , 1997, USENIX Symposium on Internet Technologies and Systems.

[17]  Carl E. Landwehr,et al.  Formal Models for Computer Security , 1981, CSUR.

[18]  J. Michael Spivey,et al.  Understanding Z : A specification language and its formal semantics , 1985, Cambridge tracts in theoretical computer science.

[19]  George C. Necula,et al.  Safe kernel extensions without run-time checking , 1996, OSDI '96.

[20]  Kevin Lano,et al.  The B language and method , 1996 .

[21]  Lone Leth Thomsen,et al.  Understanding Mobile Agents via a Non-Interleaving Semantics for Facile , 1996, SAS.

[22]  Peter D. Mosses,et al.  Denotational semantics , 1995, LICS 1995.

[23]  G. T. Gangemi,et al.  Computer Security Basics , 2006 .

[24]  Ken Arnold,et al.  The Java programming language (2nd ed.) , 1998 .

[25]  Frederick Knabe An Overview of Mobile Agent Programming , 1996, LOMAPS.

[26]  John K. Ousterhout,et al.  Tcl and the Tk Toolkit , 1994 .

[27]  Dan S. Wallach,et al.  Java security: from HotJava to Netscape and beyond , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[28]  Christian Huitema,et al.  IPv6--the new Internet protocol , 1996 .