Istituto di Informatica e Telematica     
Dragoni N., Martinelli F., Masacci F., Mori P., Schaefer C., Walter T., Vetillard E. Security-by-Contract (SxC) for Software and Services of Mobile Systems. 426 p. Elisabetta Di Nitto, Anne-Marie Sassen, Paolo Traverso and Arian Zwegers (eds.). USA: MIT press, 2008.
In this chapter we propose the security-by-contract (SxC) framework and its techno- logical implementation for trusted deployment and execution of communicating mobile applications in heterogeneous environments. The objective is to build the basis for the opening of the software market of nomadic devices (from smart phones to PDA) to third party applications. The intuition of SxC is that applications should come equipped with a security contract (as in programming-by-contract [4]). In a nutshell, a contract describes the security relevant interactions that the mobile application could have with the mobile device. The contract should be accepted by the platform (if compatible with the pol- icy) at deployment time, and its enforcement guaranteed either by static analysis at development time or by monitoring at run time. This paradigm will not replace, but enhance today's security mechanisms, and will provide a exible, simple and scalable security mechanism for future mobile systems.
Subject Security
Mobile devices
D.4.6 Security and Protection

Icona documento 1) Download Document PDF

Icona documento Open access Icona documento Restricted Icona documento Private


Per ulteriori informazioni, contattare: Librarian http://puma.isti.cnr.it

Valid HTML 4.0 Transitional