A flexible security architecture to support third-party applications on mobile devices
- 2 November 2007
- conference paper
- conference paper
- Published by Association for Computing Machinery (ACM)
Abstract
The problem of supporting the secure execution of potentially malicious third-party applications has received a considerable amount of attention in the past decade. In this paper we describe a security architecture for mobile devices that supports the flexible integration of a variety of advanced technologies for such secure execution of applications, including run-time monitoring, static verification and proof-carrying code. The architecture also supports the execution of legacy applications that have not been developed to take advantage of our architecture, though it can provide better performance and additional services for applications that are architecture-aware. The proposed architecture has been implemented on a Windows Mobile device with the .NET Compact Framework. It offers a substantial security benefit compared to the standard state-of-practice) security architecture of such devices, even for legacy applications.status: publisheKeywords
This publication has 7 references indexed in Scilit:
- Certified In-lined Reference Monitoring on .NETPublished by Association for Computing Machinery (ACM) ,2006
- Composing security policies with polymerPublished by Association for Computing Machinery (ACM) ,2005
- Flexible policy-directed code safetyPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2003
- Enforceable security policiesACM Transactions on Information and System Security, 2000
- A type system for expressive security policiesPublished by Association for Computing Machinery (ACM) ,2000
- The design and implementation of a certifying compilerPublished by Association for Computing Machinery (ACM) ,1998
- Proof-carrying codePublished by Association for Computing Machinery (ACM) ,1997