SciELO - Scientific Electronic Library Online

 
vol.18 issue3Towards Scalability for Federated Identity Systems for Cloud-Based EnvironmentsDigi-Clima Grid: image processing and distributed computing for recovering historical climate data author indexsubject indexarticles search 		Home Pagealphabetic serial listing  

Services on Demand

Journal

Article

Related links

Share

CLEI Electronic Journal

On-line version ISSN 0717-5000

Abstract

BETARTE, Gustavo  and  LUNA, Carlos. Formal Analysis of Security Models for Mobile Devices, Virtualization Platforms, and Domain Name Systems. CLEIej [online]. 2015, vol.18, n.3, pp.4-4. ISSN 0717-5000.

In this work we investigate the security of security-critical applications, i.e. applications in which a failure may produce consequences that are unacceptable. We consider three areas: mobile devices, virtualization platforms, and domain name systems. The Java Micro Edition platform defines the Mobile Information Device Profile (MIDP) to facilitate the development of applications for mobile devices, like cell phones and PDAs. We first study and compare formally several variants of the security model specified by MIDP to access sensitive resources of a mobile device. Hypervisors allow multiple guest operating systems to run on shared hardware, and offer a compelling means of improving the security and the flexibility of software systems. In this work we present a formalization of an idealized model of a hypervisor. We establish (formally) that the hypervisor ensures strong isolation properties between the different operating systems, and guarantees that requests from guest operating systems are eventually attended. We show also that virtualized platforms are transparent, i.e. a guest operating system cannot distinguish whether it executes alone or together with other guest operating systems on the platform. The Domain Name System Security Extensions (DNSSEC) is a suite of specifications that provides origin authentication and integrity assurance services for DNS data. We finally introduce a minimalistic specification of a DNSSEC model which provides the grounds needed to formally state and verify security properties concerning the chain of trust of the DNSSEC tree. We develop all our formalizations in the Calculus of Inductive Constructions -formal language that combines a higher-order logic and a richly-typed functional programming language- using the Coq proof assistant.

Keywords : Formal modelling; Security properties; Coq proof assistant; JME-MIDP; Virtualization.

        · abstract in Spanish     · text in English     · English ( pdf )

 

Creative Commons License All the contents of this journal, except where otherwise noted, is licensed under a Creative Commons Attribution License

J. Herrera y Reissig 565 - CP 11300.
Montevideo - Uruguay.
Tel: (598) 2711 4244 int. 124