Sciweavers

EUROPKI
2007
Springer

Security-by-Contract: Toward a Semantics for Digital Signatures on Mobile Code

14 years 6 months ago
Security-by-Contract: Toward a Semantics for Digital Signatures on Mobile Code
In this paper we propose the notion of security-by-contract, a mobile contract that an application carries with itself. The key idea of the framework is that a digital signature should not just certify the origin of the code but rather bind together the code with a contract. We provide a description of the overall lifecycle of mobile code in the setting of security-by-contract, describe a tentative structure for a contractual language and propose a number of algorithms for one of the key steps in the process, the contract-policy matching issue. We argue that security-by-contract would provide a semantics for digital signatures on mobile code thus being a step in the transition from trusted code to trustworthy code.
Nicola Dragoni, Fabio Massacci, Katsiaryna Naliuka
Added 07 Jun 2010
Updated 07 Jun 2010
Type Conference
Year 2007
Where EUROPKI
Authors Nicola Dragoni, Fabio Massacci, Katsiaryna Naliuka, Ida Siahaan
Comments (0)