A formal specification of the MIDP 2.0 security model

Authors:
Santiago Zanella Béguelin;Gustavo Betarte;Carlos Luna
Affiliations:
INRIA Sophia Antipolis, Sophia Antipolis Cedex, France;InCo, Facultad de Ingeniería, Universidad de la República, Montevideo, Uruguay;InCo, Facultad de Ingeniería, Universidad de la República, Montevideo, Uruguay
Venue:
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
Year:
2006

Citing 5
Cited 1

Programming from specifications

Programming from specifications
Refinement Calculus: A Systematic Introduction

Refinement Calculus: A Systematic Introduction
MIDP 2.0 Security Enhancements

HICSS '04 Proceedings of the Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS'04) - Track 9 - Volume 9
Interactive Theorem Proving and Program Development: Coq'Art The Calculus of Inductive Constructions

Interactive Theorem Proving and Program Development: Coq'Art The Calculus of Inductive Constructions
A formal model of access control for mobile interactive devices

ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security

A Framework for the Analysis of Access Control Models for Interactive Mobile Devices

Types for Proofs and Programs

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents, to the best of our knowledge, the first formal specification of the application security model defined by the Mobile Information Device Profile 2.0 for Java 2 Micro Edition. The specification, which has been formalized in Coq, provides an abstract representation of the state of a device and the security-related events that allows to reason about the security properties of the platform where the model is deployed. We state and sketch the proof of some desirable properties of the security model. Although the abstract specification is not executable, we describe a refinement methodology that leads to an executable prototype.