Security for Mobility

Hanne Riis Nielson, Flemming Nielson, Mikael Buchholtz

AbstractWe show how to use static analysis to provide information about security issues related to mobility. First the syntax and semantics of Mobile Ambients is reviewed and we show how to obtain a so-called 0CFA analysis that can be implemented in polynomial time. Next we consider discretionary access control where we devise Discretionary Ambients, based on Safe Ambients, and we adapt the semantics and 0CFA analysis; to strengthen the analysis we incorporate context-sensitivity to obtain a 1CFA analysis. This paves the way for dealing with mandatory access control where we express both a Bell-LaPadula model for confidentiality as well as a Biba model for integrity. Finally, we use Boxed Ambients as a means for expressing cryptographic key exchange protocols and we adapt the operational semantics and the 0CFA analysis.
KeywordsSecurity, Mobility, Flow Logic, Mobile Ambients
TypeBook [Chapter]
Book titleFoundations of Security Analysis and Design II - FOSAD 2001/2002 Tutorial Lectures
Year2004    Vol. 2946    pp. 207-265
PublisherSpringer
SeriesLecture Notes in Computer Science
BibTeX data [bibtex]
IMM Group(s)Computer Science & Engineering