In this section, we discuss the exact vertex coloring, which gives partitioning with minimal number of proxies. A graph can be colored optimally by coloring with the first color a maximum independent set M1 in G , and then coloring with the second color with another maximum independent set M2 in G1 = −G M1, and so on until all vertices have been colored. Such kind of coloring algorithms are called optimal independent colorings [Christofides71][Christofides75]. With the algorithms for maximum independent set discussed earlier, we can partition the software and assign them with minimal number of proxies.
3.5 GUIDELINE FOR PARTITIONING AMONG PROXIES
Partitioning is easier if there are enough proxies available on the network. The smallest-last sequential assigning algorithm proposed earlier can be applied. If the number of color used by the approximate algorithm exceeds the number of proxies, the exact coloring
algorithms can be applied. Exact coloring algorithms give the solution to partition with minimal number of proxies. If the number of proxies available is fewer than the chromatic number (minimal number of coloring) for the graph, an ideal partitioning cannot be achieved.
In this case, we can use the exact coloring algorithm by assigning an maximum independent M1 in G to the first proxy, and assign M2 in G1 = −G M1 to the second proxy, and so on, until n−1 proxies in n have been used. The remaindering agents (which may not be independent) are assigned to the last proxy. Therefore, agents on each proxy are independent, except the last one. And we can concentrate on protecting the last proxy.
4. CONCLUSIONS
In this paper, a model for software authorization and protection in mobile code systems is proposed. To achieve flexible and global security for the rapid growing network environment, the protection for both the software property and principles in the network environment have been taken into consideration. In the proposed model, a software consists of agents. The privileges to access these agents are separated and distributed to a number of trusted computational proxies. The execution of a software are conducted by cooperation of the agents and the proxies containing them. The user holding part of agents of the software will not be able to use the software without the help of these proxies.
Methods for software partitioning in this environment are also proposed. Independent agents are assigned to the user, which provide little information without cooperation with agents on the proxies. To improve the performance in this environment, computation load of the proxies and communication load between proxies and user should be minimized. An optimal assignment of agents for the software is also proposed to minimize, under the security considerations, the computation load of proxies and the communication load between proxies and user. To reduce the risk of proxies being attacked, vertex coloring has been applied to the partitioning. In the case that a proxy is compromised, little information
can be acquired by the intruder.
References
[Aho74] A. V. Aho, J. E. Hopcroft and J. D. Ullman, “The Design and Analysis of Computer Algorithms,” pp. 364-404, Addison-Wesley, Reading, MA 1974.
[Bala96] E. Balas and J. Xue, “Weighted and Unweighted Maximum Clique Algorithms with Upper Bounds from Fractional Coloring,” Algorithmica 15, pp. 397-412, 1996.
[Bark89] W. C. Barker, “Use of Privacy-Enhanced Mail for Software Distribution,” Fifth Annual Computer Security Applications Conference, pp. 344-347, 1989.
[Best79] R. Best, “Microprossor for Executing Encrypted Programs,” US Patent 4, 168396, 1979.
[Bic96] L. F. Bic, M. Fukuda, and M. B. Dillencourt, “Distributed Computing Using Autonomous Objects,” IEEE Computer, August 1996.
[Carz97] A. Carzaniga, G. P. Picco, and G. Vigna, “Designing Distributed Applications with a Mobile Code Paradigm,” In Proceedings of the 19th International Conference on Software Engineering, Boston, Ma., May 1997.
[Cian97] P. Ciancarini and D. Rossi, “Jada -- Coordination and Communication for Java Agents,” In Mobile Object Systems: Towards the Programmable Internet, pages 213-228. Springer-Verlag, April 1997. Lecture Notes in Computer Science No. 1222.
[Chen88] G. H. Chen, M. T. Kuo, and J. P. Sheu, “An Optimal Time Algorithm for Finding a Maximum Weight Independent Set in a Tree,” BIT 28, pp. 353-356, 1988.
[Chris71] N. Christofides, “An Algorithm for the Chromatic Number of a Graph,” The Computer Journal, 14, p. 38, 1971.
[Chris75] N. Christofides, “Graph Theory,” Academic Press, London, 1975.
[Clark91] J. Clark and D. A. Holton,” A First Look at Graph Theory,” World Scientific, 1991.
[Curtis94] D. Curtis, “Software Privacy and Copyright Protection,” WESCON/94, Idea/Microelectronics, Conference record, pp. 199-203.
[Dakin95] K. J. Dakin, “Do You Know What Your License Allows?” IEEE Software, pp.
82-83, May 1995.
[Dean96] D. Dean, E. Felten, and D. Wallach, “Java Security: From HotJava to Netscape and Beyond,” Proc. IEEE Symp. Security and Privacy, pp. 190-200, May 1996.
[Dono94] S. Donovan, “Patent, Copyright and Trade Secret Protection for Software,”
IEEE Potentials, pp. 20-24, August/September 1994.
[Garey79] M. R. Garey and D. S. Johnson, “Computers and Intractability: A guide to the Theory of NP-Completeness,” Freeman, San Francisco, CA., 1979.
[Ghez97] C. Ghezzi and G. Vigna, “Mobile Code Paradigms and Technologies: A Case Study,” In Proceedings of the First International Workshop on Mobile Agents, Berlin, Germany, April 1997.
[Gong97] L. Gong, "New Security Architectural Directions for Java (Extended Abstract)" . In Proceedings of IEEE COMPCON, San Jose, California, pp. 97-102, Feb.
1997.
[Gos96] J. Gosling and H. McGilton, “The Java Language Environment,” Sun Microsystems, May 1996, http://java.sun.com/doc/language_environment/.
[Gray95] R. S. Gray, “Agent Tcl: A Transportable Agent System,” In Proceedings of the CIKM Workshop on Intelligent Information Agents, Baltimore, Md., December 1995.
[Harn92] L. Harn, H.Y. Lin and S. Yang, “A Software Authentication System for Information Integrity,” Computers and Security, Vol.11, No.4, pp. 747-752, 1992.
[Karjoth97] G. Karjoth, D. B. Lange, and M. Oshima, “A Security Model for Aglets,”
IEEE Internet Computing, 1997.
[Kent80] S. T. Kent, “Protecting Externally Supplied Software in Small Computers,”
Ph.D. dissertation, MIT/LCS/TR-255. MIT, Cambridge, Mass, 1980.
[Kopf87] R. Kopf and G. Ruhe, “A Computational Study of the Weighted Independent
Set Problem for General Graphs,” Foundations of Control Engineering, pp.
167-180, 1987.
[Neff94] R. E. Neff, “Software Piracy: International Copyright Overview,”
WESCON/94, Idea/Microelectronics, Conference record, pp. 190-195.
[Parda91] P. M. Pardalos and N. Desai, “An Algorithm for Finding a Maximum Weighted Independent Set in an Arbitrary Graph,” Int. J. Comput. Math. 38, pp.
163-175, 1991.
[Rubin95] A. D. Rubin, “Trusted Distribution of Software Over the Internet,” Proc. IEEE Symp. On Network and Distributed System Security , pp. 47-53, 1995.
[Sun96a] “Remote Method Invocation Specification”, Sun Microsystems Inc.
http://www.javasoft.com/products/jdk/1.1/docs/guide/rmi/spec/rmiTOC.doc.ht ml.
[Sun96b] “Signed Applets and Digital Signatures,” Sun Microsystems Inc.
http://java.sun.com/products/JDK/1.1/docs/guide/signing.
[Tarjan77] R. E. Tarjan and A. E. Trojanowski, “Finding a Maximum Independent Set,”
SIAM J. Comput., 6, no. 3, pp. 537-546, 1977.
[Venners97] B. Venners, “The Architecture of Aglets,” Java World, http://www.java-world.com/javaworld/jw-04-1997/jw-04-hood.html, April 1997.
[Voelker86] J. Voelker and P. Wallich, “ How Disks are ‘Padlocked’,” IEEE Spectrum, p. 32, June 1986.
[Welsh67] D. J. A. Welsh and M.B. Powell, “An Upper bound for the Chromatic Number of a Graph and its Application to Timetabling Problems,” Comput. J., 10:85-86, 1967.
[White90] S. R. White and L. Comerford, “ABYSS: Architecture for Software Protection,” IEEE Transactions on Software Engineering, Vol. 16, No. 6, pp.
619-629, June 1990.
[Wilson97] A. Wilson, “Software Security and the DirectPlay API,” Dr. Dobb’s Journal, pp.
66, April 1997.
[Xue94] J. Xue, “Edge-Maximal Triangulated Subgraphs and Heuristics for Maximum
Clique Problem,” Networks, Vol. 24, pp. 109-120, 1994.
[Zhang97] X. N. Zhang, “Secure Code Distribution,” IEEE Computer, Vol. 30, No. 6, pp.
76-79, June 1997.