Istituto di Informatica e Telematica     
Costantino G., Martinelli F., Santini F., Bistarelli S. Improving Role-based Access to Android Applications with JCHR. In: IWSMA 2014 - IWSMA 2014 - The 3rd International Workshop on Security of Mobile Applications (Fribourg, 11/09 2014). Proceedings, pp. 1 - 9. To appear, 2014.
In this paper we show how deductive and abductive reasoning in distributed authorisation can be efficiently ported to Android. Such logical-inference processes prove to be important tools due to the intrinsic autonomic-nature of these mobile devices. Both deduction and abduction are represented by using CHR, a high-level declarative constraint programming-language, and implemented in JCHR (CHR hosted in Java). To represent credentials we elaborate on RT W , a weighted Role-based Trust- management family of languages: CHR programs are developed after such languages. In general, having weights associated with credentials leads to a more informative reasoning; for instance, access can be granted only if the total uncertainty is less than 20%, or we can optimise between 20% and 80% when two (or more) access-paths are selectable using the same set of credentials.
Subject CHR, Constraint Handling Rules
Smartphone, Trust

Icona documento 1) Download Document PDF

Icona documento Open access Icona documento Restricted Icona documento Private


Per ulteriori informazioni, contattare: Librarian http://puma.isti.cnr.it

Valid HTML 4.0 Transitional