| Popularization of mobile codes such as Java applets brings challenges to the traditional computer network security. Security mechanism based on sandbox could protect hosts from attacking by malicious consumers theoretically, but it has been proved to have loopholes when beeing put into actual implementations.This paper introduces the main idea and key technology of mobile code security, discusses a remote playground approach propoed by Dahlia Malkhi etal to protect LAN consumers from malicious mobile codes, analyses its advantage and disadvantage. It proposes an improved scheme to implement the security mechanism. The paper is focused on three aspects. Firstly, it integrates the digital signature into the approach to extend its application range; secondly, for the sake of higher efficiency, adjusts its architecture; thirdly, modifies the HTML file parser to be compatible with HTML4.0. In addition, the paper designs the detailed implementation procedures for some key technologies such as proxy, HTML parser, bytecode file modification and Java RMI communication, gives out the related UML diagrams. In the latst part, the paper analyzes the three ways that malicious Java applet could enter the protection domain, evaluates the validity of the improved Playground algorithm, and prospects my work direction in the future. |
PDF Full Text Request