A flexible security architecture to support third-party applications on mobile devices

2 November 2007

conference paper
conference paper
Published by Association for Computing Machinery (ACM)

p. 19-28
https://doi.org/10.1145/1314466.1314470

Abstract

The problem of supporting the secure execution of potentially malicious third-party applications has received a considerable amount of attention in the past decade. In this paper we describe a security architecture for mobile devices that supports the flexible integration of a variety of advanced technologies for such secure execution of applications, including run-time monitoring, static verification and proof-carrying code. The architecture also supports the execution of legacy applications that have not been developed to take advantage of our architecture, though it can provide better performance and additional services for applications that are architecture-aware. The proposed architecture has been implemented on a Windows Mobile device with the .NET Compact Framework. It offers a substantial security benefit compared to the standard state-of-practice) security architecture of such devices, even for legacy applications.status: publishe

Keywords

This publication has 7 references indexed in Scilit:

Certified In-lined Reference Monitoring on .NET
Published by Association for Computing Machinery (ACM) ,2006
Composing security policies with polymer
Published by Association for Computing Machinery (ACM) ,2005
Flexible policy-directed code safety
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2003
Enforceable security policies
ACM Transactions on Information and System Security, 2000
A type system for expressive security policies
Published by Association for Computing Machinery (ACM) ,2000
The design and implementation of a certifying compiler
Published by Association for Computing Machinery (ACM) ,1998
Proof-carrying code
Published by Association for Computing Machinery (ACM) ,1997

Cited by 15 articles