Extending ERLANG for Safe Mobile Code Execution
Authors
Abstract
This paper discusses extensions to the functional language Erlang which provide a secure execution environment for remotely sourced code. This is in contrast to much existing work which has focused on securing procedural languages. Using a language such as Erlang provides a high degree of inherent run-time safety, which means effort can be focused on providing a suitable degree of system safety. We found that the main changes needed were the use of unforgeable (capability) references with access rights to control the use of system resources; the provision of a hierarchy of execution nodes to provide custom views of the resources available and to impose utilisation limits; and support for remote module loading. We then discuss prototype implementations of these changes, used to evaluate their utility and impact on visibility for the users of the language, and mention work in progress using this foundation to specify safety policies by filtering messages to server processes.
Similar resources
Symbolic Execution in Erlang
The concurrent functional language Erlang [1] has a number of distinguishing features, like dynamic typing, concurrency via asynchronous message passing or hot code loading, that make it especially appropriate for distributed, fault-tolerant, soft real-time applications. The success of Erlang is witnessed by the increasing number of its industrial applications. For instance, Erlang has been used...
Towards Symbolic Execution in Erlang
The concurrent functional language Erlang [1] has a number of distinguishing features, like dynamic typing, concurrency via asynchronous message passing or hot code loading, that make it especially appropriate for distributed, fault-tolerant, soft real-time applications. The success of Erlang is witnessed by the increasing number of its industrial applications. For instance, Erlang has been used...
Introducing SERCs Safer Erlang
In order to support outsourced and third party telecommunications applications, there is a desire to modify the Erlang language and execution environment to provide safe and partitioned execution of externally sourced or outsourced programs which are imported and run on a local Erlang system. This paper outlines a possible design approach, and describes the initial prototype.
Safe Execution of Dynamically Loaded Code on Mobile Phones
Mobile phones are personal devices, and as such there is an increasing need for personalised, context-aware applications. This paper describes DCEF (Dynamic Code Execution Framework), a framework which allows applications to securely execute dynamically loaded code, providing new functionality such as client-side personalisation. DCEF ensures the user’s personal information remains safe while e...
Purity in Erlang
Motivated by a concrete goal, namely to extend Erlang with the ability to employ user-defined guards, we developed a parameterized static analysis tool called PURITY, that classifies functions as referentially transparent (i.e., side-effect free with no dependency on the execution environment and never raising an exception), side-effect free with no dependencies but possibly raising exceptions, ...