A location-based policy-specification language for mobile devices

Authors:
Joshua Finnis;Nalin Saigal;Adriana Iamnitchi;Jay Ligatti
Affiliations:
-;-;-;-
Venue:
Pervasive and Mobile Computing
Year:
2012

Citing 15
Cited 1

History-based access control for mobile code

CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
An Overview of AspectJ

ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
The Ponder Policy Specification Language

POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
Using CQUAL for Static Analysis of Authorization Hook Placement

Proceedings of the 11th USENIX Security Symposium
IRM Enforcement of Java Stack Inspection

SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
GEO-RBAC: a spatially aware RBAC

Proceedings of the tenth ACM symposium on Access control models and technologies
Automatic placement of authorization hooks in the linux security modules framework

Proceedings of the 12th ACM conference on Computer and communications security
Supporting location-based conditions in access control policies

ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Retrofitting Legacy Code for Authorization Policy Enforcement

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Run-Time Enforcement of Nonsafety Policies

ACM Transactions on Information and System Security (TISSEC)
Understanding Android Security

IEEE Security and Privacy
Composing expressive runtime security policies

ACM Transactions on Software Engineering and Methodology (TOSEM)
Semantically Rich Application-Centric Security in Android

ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Spatial security policies for mobile agents in a sentient computing environment

FASE'03 Proceedings of the 6th international conference on Fundamental approaches to software engineering
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones

OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation

Efficiency considerations in policy based management in resource constrained devices

GPC'12 Proceedings of the 7th international conference on Advances in Grid and Pervasive Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

The dramatic rise in mobile applications has greatly increased threats to the security and privacy of users. Security mechanisms on mobile devices are currently limited, so users need more expressive ways to ensure that downloaded mobile applications do not act maliciously. Policy-specification languages were created for this purpose; they allow the enforcement of user-defined policies on third-party applications. We have implemented LoPSiL, a location-based policy-specification language for mobile devices. This article describes LoPSiL's design and implementation, several example policies, and experiments that demonstrate LoPSiL's viability for enforcing policies on mobile devices.