Mobile code protection

Loureiro, Sergio
Thesis

Our work focuses on the protection of mobile code from potentially malicious execution environments. This problem is quite atypical since it does not rely on the security of the execution environment, which has always been a basic assumption in classical reasoning about the security of cryptographic systems. We classify mobile code protection into code protection and data protection. Code protection means the protection of the code during its execution, considering the environment as a potential adversary, rather than the protection of the code during transmission. Data protection deals with the security of data gathered by mobile code roaming through a set of competing hosts. Usual data protection techniques are not suited to the protection of data that changes dynamically during the code's trip. We developed a protocol that is based on a cryptographic technique that assures the integrity of a sequence of data segments regardless of the order of each segment in the sequence.

Concerning code protection, we further classify the problems into two categories, namely privacy of execution and integrity of execution. Privacy of execution aims at preventing the disclosure of the semantics of mobile code during its execution in a potentially hostile runtime environment. Integrity of execution assures that a program executed in a potentially hostile environment actually complies with its original semantics. We present original solutions that deal with both requirements. We present solutions without Tamper Proof Hardware (TPH) that address a very limited model of computation. Then, we build solutions using an auxiliary trusted TPH acting on behalf of the code owner. The limited TPH allows us to deal with a more flexible model of computation. The goal is not to execute the code on the trusted TPH but to extend its inherent security to the more powerful untrusted environment. The solution with TPH assumes that the data involved in the computations is stored in secure memory. We further enhance this solution by focusing on the protection of the data stored in untrusted memory.


Type:
Thesis
Date:
2001-01-16
Department:
Digital Security
Eurecom Ref:
924
Copyright:
© ENST Paris. Personal use of this material is permitted. The definitive version of this paper was published in Thesis and is available at :
PERMALINK : https://www.eurecom.fr/publication/924