Istituto di Informatica e Telematica     
Martinelli F., Matteucci I., Saracino A., Sgandurra D., Gianluca D. Introducing probabilities in contract-based approaches for mobile application security. In: SETOP 2013 (London, UK, 2013). Proceedings, pp. 284 - 299. Springer, 2013.
Security for mobile devices is a problem of capital importance, especially due to new threats coming from malicious applications. Though several security solutions have already been proposed, security requirements have been always considered as binary: allow or deny. We argue that a more realistic vision of security can be given using probabilistic and quantitative requirements. In this paper, we introduce a probabilistic description of the behavior of an application that a user is going to execute.We also allow the definition of finer grained user security requirements, by introducing probabilistic clause modifiers. Later, we present a probabilistic version of the Security-by-Contract and the Security by-Contract-with-Trust frameworks to guarantee probabilistic security requirements.
Subject Information flow controls
G.3 Probability and Statistics
D.4.6 Security and Protection (K.6.5)

Icona documento 1) Download Document PDF

Icona documento Open access Icona documento Restricted Icona documento Private


Per ulteriori informazioni, contattare: Librarian http://puma.isti.cnr.it

Valid HTML 4.0 Transitional