The team
Research projects
Publications
Research projects
Teaching
Open positions
Eurecom

Mobile Code Security

The goal of this project is to investigate security issues related to mobile code. Mobile code encompasses various applications ranging from simple applets to intelligent software agents or nomadic computing applications. The mobile code paradigm offers several advantages over the more traditional distributed computing approaches: flexibility in software design beyond the well established object oriented paradigm and bandwidth optimization, just to name two of them. As usual, increased flexibility comes with a cost that is increased vulnerability in the face of malicious intrusion scenarios akin to Internet.

Possible vulnerabilities with mobile code fall in one of two categories:

  • attacks performed by a mobile program against the remote host on which the program is executed like in the now common example of malicious applets
  • subversion of the mobile code and its data by the remote execution environment.

Team

Publications

[LBR02] Sergio Loureiro, Laurent Bussard, and Yves Roudier. 
Extending Tamper-Proof Hardware Security to Untrusted Execution Environments. in Proceedings of the Fifth Smart Card Research and Advanced Application Conference (CARDIS'02) - USENIX - IFIP working group 8.8 (smart cards), San Jose, California, November 20th-22nd, 2002.
[LMP01] Sergio Loureiro, Refik Molva, and Alain Pannetrat. 
Secure Data Collection with Updates. Electronic Commerce Research Journal, 1/2:119-130, February/March 2001.
PDF
[Lou01] S. Loureiro. 
Mobile Code Protection. PhD thesis, January 2001. Sophia Antipolis, France.
PDF
[MR00] Refik Molva and Yves Roudier. 
A Distributed Access Control Model for Java. In Proceedings of ESORICS 2000 (European Symposium On Research In Computer Security), Toulouse, France, October 2000.
PDF
[LM00] Sergio Loureiro and Refik Molva. 
Mobile Code Protection with Smartcards. In 6th ECOOP Workshop on Mobile Object Systems, Cannes, France, June 2000.
PDF
[LMR00] Sergio Loureiro, Refik Molva, and Yves Roudier. 
Mobile Code Security. In proceedings of ISYPAR 2000 (4ème Ecole d'Informatique des Systèmes Parallèles et Répartis), Code Mobile, Toulouse, France, February 2000.
PDF
[LM99c] Sergio Loureiro and Refik Molva. 
Privacy for Mobile Code. In Proceedings of the Distributed Object Security Workshop - OOPSLA'99, pages 37-42, Denver, November 1999.
PDF
[LM99b] Sergio Loureiro and Refik Molva. 
Function Hiding based on Error Correcting Codes. In Manuel Blum and C. H. Lee, editors, Proceedings of Cryptec'99 - International Workshop on Cryptographic Techniques and Electronic Commerce, pages 92-98. City University of Hong-Kong, July 1999.
PDF
[LM99a] S. Loureiro and R. Molva. 
Process for securing the execution of a mobile code in an untrusted environment, July 1999. European Patent 99480057.
[MT98] R. Molva and G. Tsudik. 
Secret Sets and Applications. Information Processing Letters, 65, April 1998.
PDF

[Webmaster] - [NSTeam] - Eurecom - 09/11/98