Secure Prolog-based mobile code

  title={Secure Prolog-based mobile code},
  author={Seng Wai Loke and Andrew Davison},
  journal={Theory and Practice of Logic Programming},
  pages={321 - 357}
  • S. Loke, A. Davison
  • Published 2001
  • Computer Science
  • Theory and Practice of Logic Programming
LogicWeb mobile code consists of Prolog-like rules embedded in Web pages, thereby adding logic programming behaviour to those pages. Since LogicWeb programs are downloaded from foreign hosts and executed locally, there is a need to protect the client from buggy or malicious code. A security model is crucial for making LogicWeb mobile code safe to execute. This paper presents such a model, which supports programs of varying trust levels by using different resource access policies. The… Expand
A Hybrid Architecture for Web-based Expert Systems
A recent technique is to represent the knowledge base of an expert system in XML format. XML parsers are then used to convert XML data into expert system language code. The code is executed orExpand
Logic Programming Languages for the Internet
  • A. Davison
  • Computer Science
  • Computational Logic: Logic Programming and Beyond
  • 2002
We specify the major characteristics of the Internet under the headings: heterogeneity, service characteristics, dynamic nature, no global notions, and unreliability (i.e. security and partialExpand


The Safe-Tcl Security Model
Safe-Tcl is a mechanism for controlling the execution of programs written in the Tcl scripting language. It allows untrusted scripts (applets) to be executed while preventing damage to theExpand
Provably-secure programming languages for remote evaluation
Important research areas include designing suitable languages for remote evaluation, identifying appropriate security and safety properties for them, and developing provably-sound logics for reasoning about the properties in the context of separate compilation and dynamic linking. Expand
Java security: from HotJava to Netscape and beyond
This work examines the Java language and both the HotJava and Netscape browsers which support it, and finds a significant number of flaws which compromise their security. Expand
Security Properties of Typed Applets
This paper formcdizes the folklore result that strongly-typed applets are more secure than untyped ones and identifies sufficient conditions for the applet execution environment to be safe, such as procedural encapsulation, type abstraction, and systematic typebased placement of run-time checks. Expand
Mobile code security
this article presents two aspects of mobile code security, namely the protection of hosts receiving a malicious mobile code and the protection of a mobile code within a malicious host. IntroductionExpand
Programming languages for mobile code
This study describes several classes of mobile code and extracts their common characteristics, where security proves to be one of the major concerns. Expand
LogicWeb: Enhancing the Web with Logic Programming
LogicWeb illustrates that logic programming possesses many advantages for writing Web applications, including the simple representation of information, the ability to write meta-level descriptions, and the encoding of rules and heuristics necessary for “intelligent” behaviour. Expand
Security and dynamic class loading in Java: a formalisation
A formal specification of the dynamic loading of classes in the Java Virtual Machine and of the visibility of members of the loaded classes is given and an axiomatisation of the rules for membership of a class under inheritance is included. Expand
Analyzing Mobile Code Languages
The purpose of this paper is to provide a framework for a new set of programming language concepts and/or extend the concepts that are used to deal with conventional languages and to survey a number of existing new languages. Expand
Agent Tcl: A Flexible and Secure Mobile-Agent System
  • R. Gray
  • Engineering, Computer Science
  • Tcl/Tk Workshop
  • 1996
The motivation behind mobile agents is examined, the base Agent Tcl system and its security mechanisms for protecting a machine against malicious agents are described, and the system''s current performance is analyzed. Expand