Abstract

Mobile programs can potentially be malicious. To protect itself, a host that receives such mobile programs from an untrusted party or via an untrusted network connection will want some kind of guarantee that the mobile code is not about to cause any damage. The traditional solution to this problem has been verification, by which the receiving host examines the mobile program to discover all its actions even before starting execution. Unfortunately, aside from consuming computing resources in itself, verification inhibits traditional compiler optimizations, making such verifiable mobile code much less efficient than native code. We have found an alternative solution by identifying a class of mobile-code representations in which malicious programs can simply not be encoded to begin with. In such an encoding, verification turns into an integral part of the decoding routine. Moreover, support for high-quality just-in-time code generation can be provided. We present two such encodings, one based on highly effective compression of abstract syntax trees, and another based on a reference-safe and type-safe variant of Static Single Assignment form.

Parts of this material were previously published under the title “Project transPROse: Reconciling Mobile-Code Security With Execution Efficiency” in The Second DARPA Information Survivability Conference and Exhibition (DISCEX II), Anaheim, California, June 2001, IEEE Computer Society Press, ISBN 0-7695-1212-7, pp. II.196–II.210.

This research effort was sponsored by the Defense Advanced Research Projects Agency (DARPA) and Air Force Research Laboratory (AFRL), Air Force Materiel Command, USAF, under agreement number F30602-99-1-0536. The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright annotation thereon. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of DARPA, AFRL, or the U.S. Government.
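The claim that unsafe programs "can simply not be encoded" can be made concrete with a toy decoder, added here as an illustration; it is not either of the paper's two encodings. The instruction set, the use of one integer as the input stream, and the names `decode` and `well_typed` are assumptions: each opcode and operand is read in a radix equal to the number of choices that are legal at that point, so every input decodes to a program whose operands are already defined and of the right type.

```python
# Toy typed instruction set (constructed): (name, operand types, result type).
OPS = [
    ("add", ("int", "int"), "int"),
    ("lt", ("int", "int"), "bool"),
    ("not", ("bool",), "bool"),
    ("sel", ("bool", "int", "int"), "int"),
]
INPUTS = (("int", "a"), ("int", "b"))  # values defined before the program runs


def decode(n, count):
    """Decode `count` instructions from the non-negative integer `n`.

    Every choice is read in a radix equal to the number of options that are
    legal at that point, so an illegal opcode or operand has no encoding.
    """
    planes = {"int": [], "bool": []}  # per-type list of values defined so far
    for ty, name in INPUTS:
        planes[ty].append(name)
    program = []
    for i in range(count):
        # Only opcodes whose operand types already have a defined value.
        legal = [op for op in OPS if all(planes[t] for t in op[1])]
        if not legal:
            break
        n, k = divmod(n, len(legal))
        name, arg_types, res_type = legal[k]
        args = []
        for t in arg_types:
            n, k = divmod(n, len(planes[t]))  # index among values of type t
            args.append(planes[t][k])
        dest = f"v{i}"
        program.append((dest, name, tuple(args), res_type))
        planes[res_type].append(dest)
    return program


def well_typed(program):
    """Separate verifier pass for comparison: def-before-use and operand types."""
    env = {name: ty for ty, name in INPUTS}
    sigs = {name: (args, res) for name, args, res in OPS}
    for dest, name, args, res in program:
        want, out = sigs[name]
        if len(args) != len(want) or out != res:
            return False
        if any(env.get(a) != t for a, t in zip(args, want)):
            return False
        env[dest] = res
    return True
```

The separate `well_typed` pass never rejects anything `decode` produces, while it does reject hand-built tuples with a wrong-typed or undefined operand; those tuples have no integer that decodes to them.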
