Title :
Extending the Java Virtual Machine to Enforce Fine-Grained Security Policies in Mobile Devices
Author :
Ion, Iulia ; Dragovic, Boris ; Crispo, Bruno
Author_Institution :
Create-Net, Trento
Abstract :
The growth of the applications and services market for mobile devices is currently slowed down by the lack of a flexible and reliable security infrastructure. The development and adoption of a new generation of mobile applications depends on the end user´s ability to finely manage system security and control application´s behavior. The virtual execution environment for mobile software and services should support the security needs of users and applications. This paper proposes an extension to the security architecture of the java virtual machine for mobile systems, to support fine-grained policy specification and run-time enforcement. Access control decisions are based on system state, application and system history data, as well as request specific parameters. The prototype implementation is running on desktops, as emulator, and on mobile devices, proving the high level of flexibility and security, with excellent performance provided by the extended architecture.
Keywords :
Java; authorisation; formal specification; mobile computing; software architecture; virtual machines; access control decisions; fine-grained policy specification; fine-grained security policy; java virtual machine; mobile devices; mobile software; run-time enforcement; security architecture; system security; virtual execution environment; Access control; Application software; Computer architecture; Control systems; Data security; History; Java; Prototypes; Runtime; Virtual machining;
Conference_Titel :
Computer Security Applications Conference, 2007. ACSAC 2007. Twenty-Third Annual
Conference_Location :
Miami Beach, FL
Print_ISBN :
978-0-7695-3060-4
DOI :
10.1109/ACSAC.2007.36
