Skip to Main content Skip to Navigation
Preprints, Working Papers, ...

Enforcing private policy via security-by-Contract

Abstract : This work aims to investigate how the Security-by-Contract (SxC) paradigm, developed for providing security assurances to mobile applications, can be used for guaranteeing the security of communicating systems composed by several, heterogeneous components. These components need to communicate with each other by establishing direct, point to point connections. Direct connections can involve components sharing no common communication protocols and need a suitable interface. Enablers are in charge of providing these communication interfaces. Each component has a local security policy composed by a public and a private part. When a communication between two components has to be established, each component asks the enabler for providing a communication interface that respects its public policy. We exploit the Security-by-Contract approach for assuring that the application implementing the communication interface is always safe, i.e., it satisfies the security policies setted by components. Moreover, we present an extension of the Security-by-Contract for dealing with trust. Trust management is useful when one of the involved actors is considered to be potentially untrusted and the others want to measure its trust level.
Document type :
Preprints, Working Papers, ...
Complete list of metadata

Cited literature [12 references]  Display  Hide  Download
Contributor : Brigitte Briot Connect in order to contact the contributor
Submitted on : Monday, February 22, 2010 - 3:23:44 PM
Last modification on : Tuesday, April 19, 2022 - 10:15:45 AM
Long-term archiving on: : Friday, June 18, 2010 - 6:49:29 PM


Files produced by the author(s)


  • HAL Id : inria-00458882, version 1



Gabriele Costa, Ilaria Matteucci. Enforcing private policy via security-by-Contract. 2010. ⟨inria-00458882⟩



Record views


Files downloads