IRIS Institutional Research Information System - AIR Archivio Istituzionale della Ricerca

We consider security threats in software installation processes, posed by transitively trusted dependencies between packages from distinct repositories. To analyse them, we present SecureNDC, a Coq implemented calculus using an explicit trust function to bridge repository access and software package installation rights. Thereby, we resolve a version of the minimum install problem under trust conditions on repositories.

Minimizing transitive trust threats in software management systems / J. Boender, G. Primiero, F. Raimondi - In: 2015 13th Annual Conference on Privacy, Security and Trust (PST)[s.l] : IEEE, 2015. - ISBN 9781467378284. - pp. 191-198 (( Intervento presentato al 13. convegno Annual Conference on Privacy, Security and Trust (PST) tenutosi a Izmir nel 2015 [10.1109/PST.2015.7232973].

Minimizing transitive trust threats in software management systems

G. Primiero;
2015

Abstract

We consider security threats in software installation processes, posed by transitively trusted dependencies between packages from distinct repositories. To analyse them, we present SecureNDC, a Coq implemented calculus using an explicit trust function to bridge repository access and software package installation rights. Thereby, we resolve a version of the minimum install problem under trust conditions on repositories.
distrust; calculus
Settore M-FIL/02 - Logica e Filosofia della Scienza
2015
Book Part (author)
03 - Contributo in volume
File in questo prodotto:
File Dimensione Formato  
07232973.pdf

accesso riservato

Tipologia: Publisher's version/PDF
Dimensione 167.73 kB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
167.73 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
untrustsecureND.pdf

accesso aperto

Tipologia: Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione 370.91 kB
Formato Adobe PDF
Visualizza/Apri
370.91 kB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/700167
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 8
  • ???jsp.display-item.citation.isi??? 3
social impact