Infosec Research Council
Malicious Code Infosec Science and Technology Study Group

Resources

You Should Already Have Read This

Thompson, K. Reflections on Trusting Trust. Commun. ACM 27, 8 (Aug. 1984).

Wagner, D.A. Janus: An approach for confinement of untrusted applications.


Why Aren't They Using This

Wallach, D.S., and Felten, E.W. Understanding Java Stack Inspection. Proceedings of 1998 IEEE Symposium on Security and Privacy (Oakland, California), May 1998.

A survey of program slicing techniques. Technical Report CS-R9438, Centrum voor Wiskunde en Informatica (CWI), CWI, P.O. Box 94079, 1090 GB Amsterdam, The Netherlands, July 1994.


New Stuff

Lee, P. Proof-Carrying Code.


Other Things to Consider

Lo, R.W., Levitt, K.N., Olsson, R.A., all of UC-Davis. A Malicious Code Filter. Journal "Computers and Security" 14, 6, p.514-66.

Rubin, A.D., Geer, D.E. Mobile Code Security. IEEE Internet Computing, 2, 6 (Nov./Dec. 1998).

McGraw, G.E., and Felten, E.W. Securing Java.

IEEE Internet Computing: Security and Mobile Code (this stuff is only available to IEEE online subscription holders...shame on the IEEE)



Home

This site hosted and maintained by Reliable Software Technologies
Comments, etc. to webmaster@rstcorp.com
Copyright ©1999-2000