Automata Modulo Theory (AMT)

Massacci, Fabio and Siahaan, Ida (2009) Automata Modulo Theory (AMT). UNSPECIFIED. (Unpublished)

Download (823Kb) | Preview


    With the advent of the next generation java servlet on the smartcard, the Future Internet will be composed by web servers and clients silently yet busily running on high end smart cards in our phones and our wallets. In this new world model we can no longer accept the current security model where programs can be downloaded on our machines just because they are vaguely "trusted". We want to know what they do in more precise details. We claim that the Future Internet needs the notion of security-by-contract: a contract describes the security relevant interactions that an application could have with the smart devices hosting them. Compliance with contracts should verified at development time, checked at deployment time and contracts should be accepted by the platform before deployment and possibly their enforcement guaranteed, for instance by in-line monitoring. In this technical report we provide a formal model and an algorithm for matching the claims on the security behavior of a midlet (for short contract) with the desired security behavior of a platform (for short policy) on a security-by-contract framework for realistic security scenarios.

    Item Type: Departmental Technical Report
    Department or Research center: Information Engineering and Computer Science
    Subjects: Q Science > QA Mathematics > QA075 Electronic computers. Computer science
    Uncontrolled Keywords: Access control, Language-based security, Malicious code, Security and privacy policies
    Report Number: DISI-09-027
    Repository staff approval on: 02 Apr 2010

    Actions (login required)

    View Item