Security and Safety Aspects of Mobile Codes

Important Note: This project does not require a formal background in compilers area. Interest in programming languages and compilers is desired.

Sponsor	Prof. Santosh Pande
	santosh@cc.gatech.edu

Area	Systems

Project description

Mobile codes transmitted over network are vulnerable and someone can change their behaviour to create a potentially malignant code. The approaches to protect against such program manipulations could involve two types of solutions : inserting and verifying program properties at sending and receiving end and sending only pieces of program which do not leak whole program semantic information.

Our goal in this project is to read a few papers related to the above approaches and compare their solutions. We could then define the notion of safe region of a program and problem to detecting such regions by programming language extensions and compiler techniques.

Key references:

1. W. Amme, N. Dalton, J. Ronne and M. Franz , `SafeTSA: A Type Safe and Referentially Secure Mobile-Code Representation Based on Static Single Assignment Form ', ACM SIGPLAN 2001 Conference on Programming Language Design and Implementation, June 2001, Snow Bird, Utah, pp. 137--147.

2. G. Necula, `Proof-Carrying Code. ', Principles and Practice of Programming Languages (POPL) 1997.