We consider security threats in software installation processes, posed by transitively trusted dependencies between packages from distinct repositories. To analyse them, we present SecureNDC, a Coq implemented calculus using an explicit trust function to bridge repository access and software package installation rights. Thereby, we resolve a version of the minimum install problem under trust conditions on repositories.
Minimizing transitive trust threats in software management systems / J. Boender, G. Primiero, F. Raimondi - In: 2015 13th Annual Conference on Privacy, Security and Trust (PST)[s.l] : IEEE, 2015. - ISBN 9781467378284. - pp. 191-198 (( Intervento presentato al 13. convegno Annual Conference on Privacy, Security and Trust (PST) tenutosi a Izmir nel 2015 [10.1109/PST.2015.7232973].
Minimizing transitive trust threats in software management systems
G. Primiero;
2015
Abstract
We consider security threats in software installation processes, posed by transitively trusted dependencies between packages from distinct repositories. To analyse them, we present SecureNDC, a Coq implemented calculus using an explicit trust function to bridge repository access and software package installation rights. Thereby, we resolve a version of the minimum install problem under trust conditions on repositories.File | Dimensione | Formato | |
---|---|---|---|
07232973.pdf
accesso riservato
Tipologia:
Publisher's version/PDF
Dimensione
167.73 kB
Formato
Adobe PDF
|
167.73 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
untrustsecureND.pdf
accesso aperto
Tipologia:
Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione
370.91 kB
Formato
Adobe PDF
|
370.91 kB | Adobe PDF | Visualizza/Apri |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.