This paper describes an approach to the automated verification of mobile programs. Mobile systems are characterized by an explicit notion of locations (e.g., the sites at which code runs) and by the ability of code to execute at different locations, which raises a number of security issues. We give formal semantics to mobile systems as Labeled Kripke Structures that encapsulate the notion of a location net. The location net summarizes the hierarchical nesting of the threads constituting a mobile program and is the structure over which security policies are specified. We formalize a language for specifying security policies and show how a mobile program can be exhaustively analyzed against any given policy using model checking. We developed and experimented with a prototype framework for the analysis of mobile code built on the SATABS model checker. Our approach relies on SATABS's support for unbounded thread creation and extends it with location net abstractions, which are essential for verifying large mobile programs. Our experimental results on various benchmarks are encouraging and demonstrate an advantage of the model checking-based approach: it combines the validation of security properties with other checks, such as for buffer overflows.
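As an added illustration of the kind of exhaustive check the abstract describes (example code written for this page, not the paper's formalism, its policy language, or SATABS), here is a toy explicit-state model checker in Python. It assumes a hypothetical model in which a thread is summarized by its origin site and its current site, the location net is a multiset of such pairs whose counts are abstracted to {absent, 1, MANY} so that unbounded spawning still yields a finite state space, and a security policy is a predicate that must hold in every reachable state. The site graph, the two migration guards and the two policies are constructed for this example.

```python
"""Toy explicit-state model checker for mobile code over an abstract location net.

Added illustration only: not the paper's formalism or SATABS.  Hypothetical
assumptions: a thread is (origin_site, current_site); the location net is a
multiset of such pairs with counts abstracted to {absent, 1, MANY}; a security
policy is a predicate that must hold in every reachable abstract state.
"""
from collections import deque
from typing import Callable, Dict, FrozenSet, List, Optional, Tuple

MANY = 2                                   # abstract count meaning "two or more"
Entry = Tuple[str, str, int]               # (origin_site, current_site, count)
State = FrozenSet[Entry]
Guard = Callable[[str, str, str], bool]    # guard(origin, from_site, to_site)
Trace = List[Tuple[str, State]]            # (action label, resulting state)

# Constructed sample site graph: which site a thread may migrate to directly.
LINKS: Dict[str, FrozenSet[str]] = {
    "home": frozenset({"proxy"}),
    "untrusted": frozenset({"proxy"}),
    "proxy": frozenset({"home", "untrusted", "server"}),
    "server": frozenset(),
}
INITIAL: State = frozenset({("home", "home", 1), ("untrusted", "untrusted", 1)})

def unguarded(origin: str, frm: str, to: str) -> bool:
    """Naive model: any link in the site graph may be crossed by any thread."""
    return to in LINKS[frm]

def guarded(origin: str, frm: str, to: str) -> bool:
    """Hardened model: only threads that originated at 'home' may enter 'server'."""
    return to in LINKS[frm] and (to != "server" or origin == "home")

def _pack(entries: Dict[Tuple[str, str], int]) -> State:
    return frozenset((o, l, c) for (o, l), c in entries.items())

def _add(state: State, origin: str, loc: str) -> State:
    """One more (origin, loc) thread; the count saturates at MANY."""
    entries = {(o, l): c for o, l, c in state}
    entries[(origin, loc)] = min(MANY, entries.get((origin, loc), 0) + 1)
    return _pack(entries)

def _remove(state: State, origin: str, loc: str) -> List[State]:
    """One fewer (origin, loc) thread.  From MANY ("two or more") either exactly
    one thread or still MANY may remain, so both successors are returned; that
    keeps the abstraction a sound over-approximation for safety policies."""
    entries = {(o, l): c for o, l, c in state}
    if entries[(origin, loc)] == 1:
        del entries[(origin, loc)]
        return [_pack(entries)]
    still_many = _pack(entries)
    entries[(origin, loc)] = 1
    return [still_many, _pack(entries)]

def successors(state: State, guard: Guard) -> List[Tuple[str, State]]:
    """Every thread may spawn a child at its own location (inheriting its
    origin) or migrate along a link the guard permits."""
    succ: List[Tuple[str, State]] = []
    for origin, loc, _ in sorted(state):
        succ.append((f"spawn {origin}-thread at {loc}", _add(state, origin, loc)))
        for to in sorted(LINKS[loc]):
            if guard(origin, loc, to):
                for rest in _remove(state, origin, loc):
                    succ.append((f"migrate {origin}-thread {loc}->{to}",
                                 _add(rest, origin, to)))
    return succ

def check(initial: State, guard: Guard,
          policy: Callable[[State], bool]) -> Optional[Trace]:
    """Exhaustive breadth-first exploration of the abstract state space.
    Returns None if the policy holds in every reachable state, otherwise a
    shortest counterexample trace leading to a violating state."""
    parent: Dict[State, Optional[Tuple[State, str]]] = {initial: None}
    queue = deque([initial])
    while queue:
        state = queue.popleft()
        if not policy(state):
            trace: Trace = []
            while parent[state] is not None:
                prev, action = parent[state]
                trace.append((action, state))
                state = prev
            trace.reverse()
            return trace
        for action, nxt in successors(state, guard):
            if nxt not in parent:
                parent[nxt] = (state, action)
                queue.append(nxt)
    return None

# Two constructed security policies over the location net.
def no_untrusted_code_on_server(state: State) -> bool:
    """Code that originated at 'untrusted' must never execute at 'server'."""
    return not any(o == "untrusted" and l == "server" for o, l, _ in state)

def single_untrusted_thread_at_proxy(state: State) -> bool:
    """At most one untrusted-origin thread may be resident at 'proxy'."""
    return not any(o == "untrusted" and l == "proxy" and c == MANY
                   for o, l, c in state)

if __name__ == "__main__":
    for name, guard in (("unguarded", unguarded), ("guarded", guarded)):
        for policy in (no_untrusted_code_on_server, single_untrusted_thread_at_proxy):
            result = check(INITIAL, guard, policy)
            verdict = "holds" if result is None else "VIOLATED: " + "; ".join(a for a, _ in result)
            print(f"{name:9} {policy.__name__:32} {verdict}")
```

Under the unguarded model the first policy fails with a two-step counterexample (an untrusted-origin thread migrates to the proxy and on to the server); the guarded model satisfies it. The second policy is violated even in the guarded model, because a single spawn at the proxy pushes the abstract count to MANY: that is the point of abstracting counts, since no bounded unrolling of spawns is needed to find the violation. The MANY counter abstraction here is a stand-in for whatever location net abstractions the paper uses, which this page does not describe.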