Secure Prolog-based mobile code

@article{Loke2001SecurePM,
  title={Secure Prolog-based mobile code},
  author={Seng Wai Loke and Andrew Davison},
  journal={Theory and Practice of Logic Programming},
  year={2001},
  volume={1},
  pages={321 - 357}
}
  • S. Loke, A. Davison
  • Published 1 May 2001
  • Computer Science
  • Theory and Practice of Logic Programming
LogicWeb mobile code consists of Prolog-like rules embedded in Web pages, thereby adding logic programming behaviour to those pages. Since LogicWeb programs are downloaded from foreign hosts and executed locally, there is a need to protect the client from buggy or malicious code. A security model is crucial for making LogicWeb mobile code safe to execute. This paper presents such a model, which supports programs of varying trust levels by using different resource access policies. The… 
A Hybrid Architecture for Web-based Expert Systems
TLDR
A hybrid architecture is proposed where servers provide responses to complex queries using server-based processing of code, and clients handle simple queries using data from the XML knowledge base file.
Logic Programming Languages for the Internet
  • A. Davison
  • Computer Science
    Computational Logic: Logic Programming and Beyond
  • 2002
We specify the major characteristics of the Internet under the headings: heterogeneity, service characteristics, dynamic nature, no global notions, and unreliability (i.e. security and partial

References

SHOWING 1-10 OF 60 REFERENCES
The Safe-Tcl Security Model
Safe-Tcl is a mechanism for controlling the execution of programs written in the Tcl scripting language. It allows untrusted scripts (applets) to be executed while preventing damage to the
Provably-secure programming languages for remote evaluation
TLDR
Important research areas include designing suitable languages for remote evaluation, identifying appropriate security and safety properties for them, and developing provably-sound logics for reasoning about the properties in the context of separate compilation and dynamic linking.
Security Properties of Typed Applets
TLDR
This paper formulate and prove several security properties that all well-typed applets possess, and identify sufficient conditions for the applet execution environment to be safe, such as procedural encapsulation, type abstraction, and systematic type-based placement of run-time checks.
Java security: from HotJava to Netscape and beyond
TLDR
This work examines the Java language and both the HotJava and Netscape browsers which support it, and finds a significant number of flaws which compromise their security.
Mobile code security
TLDR
Two aspects of mobile code security are presented, namely theprotection of hosts receiving a malicious mobile code and the protection of a mobile code within a malicious host.
Programming languages for mobile code
TLDR
This study describes several classes of mobile code and extracts their common characteristics, where security proves to be one of the major concerns.
Security and dynamic class loading in Java: a formalisation
TLDR
A formal specification of the dynamic loading of classes in the Java Virtual Machine and of the visibility of members of the loaded classes is given and an axiomatisation of the rules for membership of a class under inheritance is included.
Analyzing Mobile Code Languages
TLDR
The purpose of this paper is to provide a framework for a new set of programming language concepts and/or extend the concepts that are used to deal with conventional languages and to survey a number of existing new languages.
A Security Model for Aglets
TLDR
A security model for the Aglets development environment that supports flexible architectural definition of security policies is described, which is based on the model developed at IBM's Tokyo Research Laboratory.
...
...