History-based Access Control for Mobile Code

In this paper, we present a {\\em history-based} access-control mechanism thatis suitable for mediating accesses from mobile code. Combined with a suitableidentity-based mechanism (eg, digital signatures), it significantly expands theset of programs that can be executed without compromising security or ease ofuse. We present {\\em Deeds} a history-based access control mechanism forJava. Apart from history-based nature, the other important feature of Deeds isits capability to install and compose multiple user-specified policies. Accesscontrol policies in Deeds are written in Java, and can be updated while theprograms whose accesses are being mediated is still in execution.