A framework for tamper detection marking of mobile applications

Author

Jochen, Mike ; Marvel, Lisa M. ; Pollock, Lori L.

Author_Institution

Delaware Univ., Newark, DE, USA

fYear

2003

fDate

17-20 Nov. 2003

Firstpage

143

Lastpage

153

Abstract

Today´s applications are highly mobile; we download software from the Internet, machine executable code arrives attached to electronic mail, and Java applets increase the functionality and appearance of Web pages. This movement has stirred a great deal of research in the area of mobile code security. The fact remains that a newly arrived program to a local host has the potential to inflict significant damage to the local host and local resources. Perhaps the new program originated from a charlatan host masquerading as a trusted server, or has been modified by a malicious party during transit from the trusted server to the local host. In light of this risk, security models that address mobile code are in high demand. We have developed a framework named SECRYT, which enables users of a mobile application to validate the application with integrity and authentication data while simplifying the management and distribution of the authentication data.

Keywords

cryptography; data integrity; message authentication; mobile computing; Internet; Java applets; SECRYT; Web pages; application validation; authentication data; charlatan host; data distribution; data management; electronic mail; integrity data; machine executable code; malicious party; mobile applications; mobile code security; security models; tamper detection marking; trusted server; Application software; Authentication; Bandwidth; Collaborative work; Electronic mail; Government; Internet; Java; Steganography; Time division multiplexing;

fLanguage

English

Publisher

ieee

Conference_Titel

Software Reliability Engineering, 2003. ISSRE 2003. 14th International Symposium on

ISSN

1071-9458

Print_ISBN

0-7695-2007-3

Type

conf

DOI

10.1109/ISSRE.2003.1251038

Filename

1251038