Departmental Papers (CIS)

Date of this Version

September 2004

Document Type

Conference Paper

Comments

Postprint version. Copyright ACM, 2004. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in Proceedings of the Fourth ACM International Conference on Embedded Software (EMSOFT 2004), pages 211-219.
Publisher URL: http://doi.acm.org/10.1145/1017753.1017789

Abstract

Embedded devices like smart cards can now run multiple interacting applications. A particular challenge in this domain is to dynamically integrate diverse security policies. In this paper we show how a framework based on a concise formal model lets us securely customize a payment card equipped with a programmable chip. We present policy automata, a formal model of computations that grant or deny access to a resource. This model combines defeasible logic with state machines, representing complex policies as combinations of simpler modular policies. We use the model in a framework for specifying, merging and analyzing modular policies. This framework is implemented as Polaris, a tool which analyzes policy automata to reveal potential conflicts or redundancies, and compiles automata into Java Card applets.

Subject Area

CPS Model-Based Design, CPS Formal Methods

Publication Source

Proceedings of the Fourth ACM International Conference on Embedded Software (EMSOFT 2004)

Start Page

211

Last Page

219

DOI

10.1145/1017753.1017789

Copyright/Permission Statement

© ACM 2004. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in Proceedings of the Fourth ACM International Conference on Embedded Software (EMSOFT 2004), http://dx.doi.org/10.1145/1017753.1017789.

Keywords

policy integration, model based design, smartcards, java cards

Date Posted: 01 November 2005