Supporting reconfigurable security policies for mobile programs

Citation
B. Hashii et al., Supporting reconfigurable security policies for mobile programs, COMPUT NET, 33(1-6), 2000, pp. 77-93
Number of citations
37
Subject Categories
Information Technology & Communication Systems
Journal title
COMPUTER NETWORKS-THE INTERNATIONAL JOURNAL OF COMPUTER AND TELECOMMUNICATIONS NETWORKING
ISSN journal
13891286
Volume
33
Issue
1-6
Year of publication
2000
Pages
77 - 93
Database
ISI
SICI code
1389-1286(200006)33:1-6<77:SRSPFM>2.0.ZU;2-X
Abstract
Programming models that support code migration have gained prominence, mainly due to a widespread shift from stand-alone to distributed applications. Although appealing in terms of system design and extensibility, mobile programs are a security risk and require strong access control. Further, the mobile code environment is fluid, i.e. the programs and resources located on a host may change rapidly, necessitating an extensible security model. In this paper, we present the design and implementation of a security infrastructure. The model is built around an event/response mechanism, in which a response is executed when a security-related event occurs. We support a fine-grained, conditional access control language, and enforce policies by instrumenting the bytecode of protected classes. This method enhances efficiency and promotes separation of concerns between security policy and program specification. This infrastructure also allows security policies to change at runtime, adapting to varying system state, intrusion, and other events. (C) 2000 Published by Elsevier Science B.V. All rights reserved.