Introducing Probabilities in Contract-Based Approaches for Mobile Application Security

Authors: Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Andrea Saracino, Daniele Sgandurra

DOI: 10.1007/978-3-642-54568-9_18

Abstract: Security for mobile devices is a problem of capital importance, especially due to new threats coming from malicious applications. This has been proved by the increasing interest of the research community on the topic of security for mobile devices. Several solutions have been recently proposed to address the uprising threats. However, several mechanisms may result not flexible enough, hard to apply, or too coarse grained, e.g. the critics raised against the Android permission system. We argue that it is possible to obtain more flexible tools and finer grained requirements by introducing probability measurements. In this paper we discuss how to introduce probabilistic clauses into the Security-by-Contract and Security-by-Contract-with-Trust frameworks, revising the main building blocks and providing tools to write contracts and policies. A proof-of-concept implementation of the system is also presented.
