- Authors
-
Algis Rudys
Dan S. Wallach
- Abstract
-
Language runtime systems are increasingly being embedded in systems to
support runtime extensibility via mobile code. Such systems raise a
number of concerns when the code running in such systems is
potentially buggy or untrusted. While sophisticated access controls
have been designed for mobile code and are shipping as part of
commercial systems such as Java, there is no support for terminating
mobile code short of terminating the entire language runtime. This
paper presents a concept called ``soft termination'' which can be
applied to virtually any mobile code system. Soft termination allows
mobile code threads to be safely terminated while preserving the
stability of the language runtime. In addition, function bodies can
be permanently disabled, thwarting attacks predicated on system
threads eventually calling untrusted functions. Soft termination
guarantees termination by breaking any potential infinite loops in
mobile code. We present a formal design for soft termination and an
implementation of it for Java, built using Java bytecode rewriting,
which demonstrates reasonable performance (3-25% slowdowns on
benchmarks).
- Published
-
ACM Transactions on Information and System Security (TISSEC),
Volume 5, Number 2, May 2002.
- Download
-
Postscript
Adobe PDF
- BibTEX Entry
@article { rudys2002termination,
author = "Algis Rudys and Dan S. Wallach",
title = "Termination in Language-Based Systems",
year = "2002",
month = may,
journal = "ACM Transactions on Information and System Security",
volume = 5,
number = 2,
pages = "138--168",
publisher = "ACM Press"
}