The notion of "boundary ambient" has been recently introduced to model multilevel security policies in the scenario of mobile systems, within pure Mobile Ambients calculus. Information flow is defined in terms of the possibility for a confidential ambient/data to move outside a security boundary, and boundary crossings can be captured through a suitable Control Flow Analysis. We show that this approach can be further enhanced to infer which ambients should be protected to guarantee the lack of information leakage for a given process.
Boundary inference for enforcing security policies in mobile ambients / C. Braghin, A. Cortesi, R. Focardi, S. van Bakel - In: Foundations of information technology in the era of network and mobile computing : IFIP 17. world computer congress - TC1 stream : 2. IFIP International conference on theoretical computer science (TCS 2002) : august 25-30, 2002, Montreal, Quebec, Canada / [a cura di] R. Baeza-Yates, U. Montanari, N. Santoro. - Boston : Kluwer, 2002. - ISBN 1402071817. - pp. 383-395 (( Intervento presentato al 17. convegno IFIP World computer congress, TC1 stream tenutosi a Montreal nel 2002.
Boundary inference for enforcing security policies in mobile ambients
C. BraghinPrimo
;
2002
Abstract
The notion of "boundary ambient" has been recently introduced to model multilevel security policies in the scenario of mobile systems, within pure Mobile Ambients calculus. Information flow is defined in terms of the possibility for a confidential ambient/data to move outside a security boundary, and boundary crossings can be captured through a suitable Control Flow Analysis. We show that this approach can be further enhanced to infer which ambients should be protected to guarantee the lack of information leakage for a given process.
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
