SciELO - Scientific Electronic Library Online

 
vol.18 número3Towards Scalability for Federated Identity Systems for Cloud-Based EnvironmentsDigi-Clima Grid: image processing and distributed computing for recovering historical climate data índice de autoresíndice de materiabúsqueda de artículos		Home Pagelista alfabética de revistas  

Servicios Personalizados

Revista

Articulo

Links relacionados

Compartir

CLEI Electronic Journal

versión On-line ISSN 0717-5000

Resumen

BETARTE, Gustavo  y  LUNA, Carlos. Formal Analysis of Security Models for Mobile Devices, Virtualization Platforms, and Domain Name Systems. CLEIej [online]. 2015, vol.18, n.3, pp.4-4. ISSN 0717-5000.

In this work we investigate the security of security-critical applications, i.e. applications in which a failure may produce consequences that are unacceptable. We consider three areas: mobile devices, virtualization platforms, and domain name systems. The Java Micro Edition platform defines the Mobile Information Device Profile (MIDP) to facilitate the development of applications for mobile devices, like cell phones and PDAs. We first study and compare formally several variants of the security model specified by MIDP to access sensitive resources of a mobile device. Hypervisors allow multiple guest operating systems to run on shared hardware, and offer a compelling means of improving the security and the flexibility of software systems. In this work we present a formalization of an idealized model of a hypervisor. We establish (formally) that the hypervisor ensures strong isolation properties between the different operating systems, and guarantees that requests from guest operating systems are eventually attended. We show also that virtualized platforms are transparent, i.e. a guest operating system cannot distinguish whether it executes alone or together with other guest operating systems on the platform. The Domain Name System Security Extensions (DNSSEC) is a suite of specifications that provides origin authentication and integrity assurance services for DNS data. We finally introduce a minimalistic specification of a DNSSEC model which provides the grounds needed to formally state and verify security properties concerning the chain of trust of the DNSSEC tree. We develop all our formalizations in the Calculus of Inductive Constructions -formal language that combines a higher-order logic and a richly-typed functional programming language- using the Coq proof assistant.

Palabras clave : Formal modelling; Security properties; Coq proof assistant; JME-MIDP; Virtualization.

        · resumen en Español     · texto en Inglés     · Inglés ( pdf )

 

Creative Commons License Todo el contenido de esta revista, excepto dónde está identificado, está bajo una Licencia Creative Commons

J. Herrera y Reissig 565 - CP 11300.
Montevideo - Uruguay.
Tel: (598) 2711 4244 int. 124