Abstract. Many programming languages have been developed and implemented for mobile code environments. They are typically quite expressive. But while security is an important aspect of any mobile code technology, it is often treated after the fundamental design is complete, in ad hoc ways. In the end, it is unclear what security guarantees can be made for the system. We argue that mobile programming languages should be designed around certain security properties that hold for all well-formed programs. This requires a better understanding of the relationship between programming language design and security. Appropriate security properties must be identified. Some of these properties and related issues are explored. An assortment of languages and environments have been proposed for mobile code. Some have been designed for use in executable content and others for use in agents [15, 34]. Parallel efforts in extensible networks and operating systems have also focused attention on language d...
Dennis M. Volpano, Geoffrey Smith