Theory and Practice of Logic Programming

Special issue
Regular Paper

Secure Prolog-based mobile code

a1 DSTC, Monash University, Caulfield, Victoria 3145, Australia (e-mail:
a2 Department of Computer Engineering, Prince of Songkla University, Hat Yai, Songkhla 90112, Thailand (e-mail:


LogicWeb mobile code consists of Prolog-like rules embedded in Web pages, thereby adding logic programming behaviour to those pages. Since LogicWeb programs are downloaded from foreign hosts and executed locally, there is a need to protect the client from buggy or malicious code. A security model is crucial for making LogicWeb mobile code safe to execute. This paper presents such a model, which supports programs of varying trust levels by using different resource access policies. The implementation of the model derives from an extended operational semantics for the LogicWeb language, which provides a precise meaning of safety.

Key Words: Prolog; World Wide Web; mobile code security.


1 This author is grateful to Leon Sterling who (with Andrew Davison) co-supervised the work on which this paper is based.