Guido van 't Noordende

Learn More
System call interception based jailing is a well-known method for confining (sandboxing) untrusted binary applications. Existing systems that are implemented using standard UNIX debugging mechanisms are rendered insecure by several race conditions. This paper gives an overview of the most important threats to jailing systems, and presents novel mechanisms(More)
Designing a secure and reliable mobile agent system is a difficult task. The agent operating system (AOS) is a building block that simplifies this task. AOS provides common primitives required by most mobile agent middleware systems, such as primitives for secure communication, secure and tamper-evident agent packaging and agent migration. Different(More)
Most existing Grid technology has been foremost designed with performance and scalability in mind. When using Grid infrastructure for medical applications, privacy and security considerations become paramount. This leads to a rethinking of implementation and deployment aspects of common components of the current Grid architecture. This paper describes the(More)
Mobile code and mobile agents are generally associated with security vulnerabilities, rather than with increased security. This paper describes an approach in which mobile agents are <i>confined</i>, in order to allow content providers to retain control over how their data is exported while allowing agents to search the full content of this data locally.(More)
—BACKGROUND: Information Security is important for e-Science research groups and other small organisations that design and operate science gateways and virtual research environments, especially when such environments are being used for (bio)medical research. We propose a novel method to do risk assessments: MISRAM, the Model-based Information Security Risk(More)
  • 1