Sciweavers

ACSAC
2007
IEEE

Extending the Java Virtual Machine to Enforce Fine-Grained Security Policies in Mobile Devices

14 years 5 months ago
Extending the Java Virtual Machine to Enforce Fine-Grained Security Policies in Mobile Devices
The growth of the applications and services market for mobile devices is currently slowed down by the lack of a flexible and reliable security infrastructure. The development and adoption of a new generation of mobile applications depends on the end user’s ability to finely manage system security and control application’s behavior. The virtual execution environment for mobile software and services should support the security needs of users and applications. This paper proposes an extension to the security architecture of the Java Virtual Machine for mobile systems, to support fine-grained policy specification and run-time enforcement. Access control decisions are based on system state, application and system history data, as well as request specific parameters. The prototype implementation is running on desktops, as emulator, and on mobile devices, proving the high level of flexibility and security, with excellent performance provided by the extended architecture.
Iulia Ion, Boris Dragovic, Bruno Crispo
Added 02 Jun 2010
Updated 02 Jun 2010
Type Conference
Year 2007
Where ACSAC
Authors Iulia Ion, Boris Dragovic, Bruno Crispo
Comments (0)