Information and Computation - Semantics of Data Types
Model checking security properties of control flow graphs
Journal of Computer Security
COLOG '88 Proceedings of the International Conference on Computer Logic
A formal specification of the MIDP 2.0 security model
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
A formal model of access control for mobile interactive devices
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Hi-index | 0.00 |
The Java Micro Edition platform (JME), a Java enabled technology, provides the Mobile Information Device Profile (MIDP) standard that facilitates applications development and specifies a security model for the controlled access to sensitive resources of the device. The model builds upon the notion of protection domain, which in turn can be grasped as a set of permissions. An alternative model has been proposed that extends MIDP's by introducing permissions with multiplicities and adding flexibility to the way in which permissions are granted by the user of the device and used by the applications running on it. This paper presents a framework, formalized using the proof-assistant Coq, suitable for defining and comparing the access control policies that can be enforced by (variants of) those security models and to prove desirable properties they should satisfy. The proofs of some of those properties are also stated and discussed in this work.