Introducing Probabilities in Contract-Based Approaches for Mobile Application Security
نویسندگان
چکیده
Security for mobile devices is a problem of capital importance, especially due to new threats coming from malicious applications. This has been proved by the increasing interest of the research community on the topic of security on mobile devices. Several security solutions have been recently proposed, to address the uprising threats coming from malicious applications. However, several mechanisms may result not flexible enough, hard to apply, or too coarse grained, e.g. several critics have been raised against the Android permission system. We argue that, it is possible to obtain more flexible security tools and finer grained security requirements by introducing probability measurements. In this paper we discuss how to introduce probabilistic clauses into the Securityby-Contract and the Security-by-Contract-with-Trust frameworks, revising the main building blocks and providing tools to write probabilistic contracts and policies. A proof-of-concept implementation on Android system has also been presented.
منابع مشابه
ارائه یک رویکرد همانند سازی شده عامل محور در اجرای یک الگوی کد متحرک مطمئن
Abstract Using mobile agents, it is possible to bring the code close to the resources, which is not foreseen by the traditional client/server paradigm. Compared to the client/server computing paradigm, the greater flexibility of the mobile agent paradigm comes at additional costs as well as the additional complexity of developing and managing mobile agent-based applications. Such complexity ...
متن کاملEnforcing Mobile Application Security Through Probabilistic Contracts
Security for mobile devices is a problem of capital importance, especially due to new threats coming from malicious applications. Though several security solutions have already been proposed, security requirements have been always considered as binary: allow or deny. We argue that a more realistic vision of security can be given using probabilistic and quantitative requirements. In this paper, ...
متن کاملThe Presentation of an Ideal Safe SMS based model in mobile Electronic commerce using Encryption hybrid algorithms AES and ECC
Mobile commerce is whatever electronic transfer or transaction via a mobile modem through a mobile net in which the true value or advance payment is done for goods, services or information. A mobile payment system should be beneficial for all related persons. For a payment system to be a Successful system, End-user, seller, exporter and operators should see a additional value in it. End-user ...
متن کاملCore Curriculum in Medical Education: Introducing Some Approaches
Introduction: Application of proper approaches as a logical framework for creating core curriculum prevents making additional information in curricula. This study aimed to introduce some useful approaches for determining core curriculum in medical science. Methods: This review study was done by electronic searching (PubMed, ERIC, Google Scholar) as well as manual searching (library resources)....
متن کاملSecurity-by-Contract-with-Trust for Mobile Devices
Security-by-Contract (S×C) is a paradigm providing security assurances for mobile applications. In this work, we present the an extension of S×C, called Security-by-Contract-with-Trust (S×C×T). Indeed, we enrich the S×C architecture by integrating a trust model and adding new modules and configurations for managing contracts. Indeed, at deploy-time, our system decides the run-time configuration...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2013