A Model-Based Approach to Integrating Security Policies for Embedded Devices
Subject
CPS Formal Methods
policy integration
model based design
smartcards
java cards
Abstract
Embedded devices like smart cards can now run multiple interacting applications. A particular challenge in this domain is to dynamically integrate diverse security policies. In this paper we show how a framework based on a concise formal model lets us securely customize a payment card equipped with a programmable chip. We present policy automata, a formal model of computations that grant or deny access to a resource. This model combines defeasible logic with state machines, representing complex policies as combinations of simpler modular policies. We use the model in a framework for specifying, merging and analyzing modular policies. This framework is implemented as Polaris, a tool which analyzes policy automata to reveal potential conflicts or redundancies, and compiles automata into Java Card applets.
Comments
Postprint version. Copyright ACM, 2004. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in Proceedings of the fourth ACM international conference on Embedded software 2004, pages 211-219. Publisher URL: http://doi.acm.org/10.1145/1017753.1017789