Towards practical security monitors of UML policies for mobile applications

Cited by: 0
Authors
Massacci, Fabio [1]
Naliuka, Katsiaryna [1]
Affiliations
[1] Univ Trent, I-38100 Trento, Italy
DOI
10.1109/ARES.2008.191
Chinese Library Classification
TP3 [Computing technology, computer technology]
Discipline classification code
0812
Abstract
There is increasing demand for running interacting applications in a secure and controllable way on mobile devices. Such demand is not fully supported by the Java/.NET security model based on trust domains nor by current security monitors or language-based security approaches. We propose an approach that allows security policies that are i) expressive enough to capture multiple sessions and interacting applications, ii) suitable for efficient monitoring, iii) convenient for a developer to specify them. Since getting all three at once is impossible, we advocate a logical language, 2D-LTL, a bi-dimensional temporal logic fit for multiple sessions and for which efficient monitoring algorithms can be given, and a graphical language based on standard UML sequence diagrams with a tight correspondence between the two.
Pages: 1112-1119
Page count: 8
Related papers
50 in total
  • [1] Towards practical security monitors of UML policies for mobile applications
    Massacci, Fabio
    Naliuka, Katsiaryna
    [J]. EIGHTH IEEE INTERNATIONAL WORKSHOP ON POLICIES FOR DISTRIBUTED SYSTEMS AND NETWORKS - PROCEEDINGS, 2007, : 278 - 278
  • [2] Matching policies with security claims of mobile applications
    Bielova, Nataliia
    Dalla Torre, Marco
    Dragoni, Nicola
    Siahaan, Ida
    [J]. ARES 2008: PROCEEDINGS OF THE THIRD INTERNATIONAL CONFERENCE ON AVAILABILITY, SECURITY AND RELIABILITY, 2008, : 128 - +
  • [3] A Practical Biometric Random Number Generator for Mobile Security Applications
    Kanak, Alper
    Ergun, Salih
    [J]. IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES, 2017, E100A (01) : 158 - 166
  • [4] Which security policies are enforceable by runtime monitors? A survey
    Khoury, Raphael
    Tawbi, Nadia
    [J]. COMPUTER SCIENCE REVIEW, 2012, 6 (01) : 27 - 45
  • [5] Towards a cooperative security system for mobile-health applications
    Silva, Bruno M. C.
    Rodrigues, Joel J. P. C.
    Canelo, Fabio
    Lopes, Ivo M. C.
    Lloret, Jaime
    [J]. ELECTRONIC COMMERCE RESEARCH, 2019, 19 (03) : 629 - 654
  • [6] Towards a cooperative security system for mobile-health applications
    Bruno M. C. Silva
    Joel J. P. C. Rodrigues
    Fábio Canelo
    Ivo M. C. Lopes
    Jaime Lloret
    [J]. Electronic Commerce Research, 2019, 19 : 629 - 654
  • [7] Towards performance evaluation of mobile systems in UML
    Balsamo, S
    Marzolla, M
    [J]. MODELLING AND SIMULATION 2003, 2003, : 61 - 68
  • [8] Late Breaking Results: Towards Practical Record and Replay for Mobile Applications
    Sahin, Onur
    Aliyeva, Assel
    Mathavan, Hariharan
    Coskun, Ayse
    Egele, Manuel
    [J]. PROCEEDINGS OF THE 2019 56TH ACM/EDAC/IEEE DESIGN AUTOMATION CONFERENCE (DAC), 2019,
  • [9] Enforcing non-safety security policies with program monitors
    Ligatti, J
    Bauer, L
    Walker, D
    [J]. COMPUTER SECURITY - ESORICS 2005, PROCEEDINGS, 2005, 3679 : 355 - 373
  • [10] Towards practical tools for mining abstractions in UML models
    Dao, M.
    Huchard, M.
    Hacene, A. Rouane
    Roume, C.
    Valtchev, R.
    [J]. ICEIS 2006: PROCEEDINGS OF THE EIGHTH INTERNATIONAL CONFERENCE ON ENTERPRISE INFORMATION SYSTEMS: INFORMATION SYSTEMS ANALYSIS AND SPECIFICATION, 2006, : 276 - +