Matching in security-by-contract for mobile code

Publication: Research - peer-reviewJournal article – Annual report year: 2009

Without internal affiliation

  • Author: Bielova, N.

    Univ Trent

  • Author: Dragoni, Nicola

    Unknown

  • Author: Massacci, F

    Univ Trent

  • Author: Naliuka, K.

    Univ Trent

  • Author: Siahaan, I.

    Univ Trent

View graph of relations

We propose the notion of security-by-con tract, a mobile contract that an application carries with itself. The key idea of the framework is that a digital signature should not just certify the origin of the code but rather bind together the code with a contract. We provide a description of the workflow for the deployment and execution of mobile code in the setting of security-by-con tract, describe a structure for a contractual language and propose a number of algorithms for one of the key steps in the process, the contract-policy matching issue. We also describe the prototype for matching policies with security claims of mobile applications that we have currently implemented. We argue that security-by-con tract would provide a semantics for digital signatures on mobile code thus being a step in the transition from trusted code to trustworthy code. (C) 2009 Published by Elsevier Inc.
Original languageEnglish
JournalJournal of Logic and Algebraic Programming
Publication date2009
Volume78
Issue5
Pages340-358
ISSN1567-8326
DOIs
StatePublished
CitationsWeb of Science® Times Cited: 1
Download as:
Download as PDF
Select render style:
APAAuthorCBEHarvardMLAStandardVancouverShortLong
PDF
Download as HTML
Select render style:
APAAuthorCBEHarvardMLAStandardVancouverShortLong
HTML
Download as Word
Select render style:
APAAuthorCBEHarvardMLAStandardVancouverShortLong
Word

ID: 4399426