Sciweavers

JCS
2010

Verifying resource access control on mobile interactive devices

13 years 10 months ago
Verifying resource access control on mobile interactive devices
A model of resource access control is presented in which the access control to resources can employ user interaction to obtain the necessary permissions. This model is inspired by and improves on the Java security architecture used in Java-enabled mobile telephones. We extend the Java model to include access control permissions with multiplicities in order to allow to use a permission a certain number of times. We define a program model based on control flow graphs together with its operational semantics and provide a formal definition of the basic security policy to enforce viz that an application will always ask for a permission before using it to access a resource. A static analysis which enforces the security policy is defined and proved correct. A constraint solving algorithm implementing the analysis is presented.
Frédéric Besson, Guillaume Dufay, Th
Added 28 Jan 2011
Updated 28 Jan 2011
Type Journal
Year 2010
Where JCS
Authors Frédéric Besson, Guillaume Dufay, Thomas P. Jensen, David Pichardie
Comments (0)