Security-by-Contract: Toward a Semantics for Digital Signatures on Mobile Code

14 years 5 months ago

Download dit.unitn.it

In this paper we propose the notion of security-by-contract, a mobile contract that an application carries with itself. The key idea of the framework is that a digital signature should not just certify the origin of the code but rather bind together the code with a contract. We provide a description of the overall lifecycle of mobile code in the setting of security-by-contract, describe a tentative structure for a contractual language and propose a number of algorithms for one of the key steps in the process, the contract-policy matching issue. We argue that security-by-contract would provide a semantics for digital signatures on mobile code thus being a step in the transition from trusted code to trustworthy code.

Nicola Dragoni, Fabio Massacci, Katsiaryna Naliuka

Real-time Traffic

Code | Digital Signatures | EUROPKI 2007 | Mobile Code | Security Privacy |

claim paper

Post Info
More Details (n/a)

Added	07 Jun 2010
Updated	07 Jun 2010
Type	Conference
Year	2007
Where	EUROPKI
Authors	Nicola Dragoni, Fabio Massacci, Katsiaryna Naliuka, Ida Siahaan

Comments (0)

Sciweavers

Security-by-Contract: Toward a Semantics for Digital Signatures on Mobile Code

Code | Digital Signatures | EUROPKI 2007 | Mobile Code | Security Privacy |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers