Sciweavers

Share
EMSOFT
2004
Springer

A model-based approach to integrating security policies for embedded devices

9 years 4 months ago
A model-based approach to integrating security policies for embedded devices
Embedded devices like smart cards can now run multiple interacting applications. A particular challenge in this domain is to dynamically integrate diverse security policies. In this paper we show how a framework based on a concise formal model lets us securely customize a payment card equipped with a programmable chip. We present policy automata, a formal model of computations that grant or deny access to a resource. This model combines defeasible logic with state machines, representing complex policies as combinations of simpler modular policies. We use the model in a framework for specifying, merging and analyzing modular policies. This framework is implemented as Polaris, a tool which analyzes policy automata to reveal potential conflicts or redundancies, and compiles automata into Java Card applets. Categories and Subject Descriptors: C.3 [Computer Systems Organization]: Special-Purpose and Application-Based Systems realtime and embedded systems, smartcards; D.2.4 [Software Engin...
Michael McDougall, Rajeev Alur, Carl A. Gunter
Added 01 Jul 2010
Updated 01 Jul 2010
Type Conference
Year 2004
Where EMSOFT
Authors Michael McDougall, Rajeev Alur, Carl A. Gunter
Comments (0)
books