SciELO - Scientific Electronic Library Online

 
vol.18 número3Towards Scalability for Federated Identity Systems for Cloud-Based EnvironmentsDigi-Clima Grid: image processing and distributed computing for recovering historical climate data índice de autoresíndice de assuntospesquisa de artigos		Home Pagelista alfabética de periódicos  

Serviços Personalizados

Journal

Artigo

Links relacionados

Compartilhar

CLEI Electronic Journal

versão On-line ISSN 0717-5000

Resumo

BETARTE, Gustavo  e  LUNA, Carlos. Formal Analysis of Security Models for Mobile Devices, Virtualization Platforms, and Domain Name Systems. CLEIej [online]. 2015, vol.18, n.3, pp.4-4. ISSN 0717-5000.

In this work we investigate the security of security-critical applications, i.e. applications in which a failure may produce consequences that are unacceptable. We consider three areas: mobile devices, virtualization platforms, and domain name systems. The Java Micro Edition platform defines the Mobile Information Device Profile (MIDP) to facilitate the development of applications for mobile devices, like cell phones and PDAs. We first study and compare formally several variants of the security model specified by MIDP to access sensitive resources of a mobile device. Hypervisors allow multiple guest operating systems to run on shared hardware, and offer a compelling means of improving the security and the flexibility of software systems. In this work we present a formalization of an idealized model of a hypervisor. We establish (formally) that the hypervisor ensures strong isolation properties between the different operating systems, and guarantees that requests from guest operating systems are eventually attended. We show also that virtualized platforms are transparent, i.e. a guest operating system cannot distinguish whether it executes alone or together with other guest operating systems on the platform. The Domain Name System Security Extensions (DNSSEC) is a suite of specifications that provides origin authentication and integrity assurance services for DNS data. We finally introduce a minimalistic specification of a DNSSEC model which provides the grounds needed to formally state and verify security properties concerning the chain of trust of the DNSSEC tree. We develop all our formalizations in the Calculus of Inductive Constructions -formal language that combines a higher-order logic and a richly-typed functional programming language- using the Coq proof assistant.

Palavras-chave : Formal modelling; Security properties; Coq proof assistant; JME-MIDP; Virtualization.

        · resumo em Espanhol     · texto em Inglês     · Inglês ( pdf )

 

Creative Commons License Todo o conteúdo deste periódico, exceto onde está identificado, está licenciado sob uma Licença Creative Commons

J. Herrera y Reissig 565 - CP 11300.
Montevideo - Uruguay.
Tel: (598) 2711 4244 int. 124