A flexible security model for using Internet content

Java applets, Netscape plug-ins and ActiveX controls have led to the popularization of a new paradigm: extensive downloading of executable code into applications to enhance the functionality of the desktop. One of the problems with this paradigm is the need to control the access rights of the downloaded content. In this paper, we describe a system for downloading content from the Internet and controlling its actions on a client machine. Our system generates a protection domain for the downloaded content dynamically, using the content's requested domain and a policy database that describes the user's trust in the content's manufacturer and type. Our system ensures that this protection domain is enforced throughout the execution of the content. We have modified the Java Virtual Machine to implement our security model. Our implementation, called Flexxguard, is freely available at http://www.alphaworks.ibm.com.
