Enforcing private policy via security-by-Contract

Abstract : This work aims to investigate how the Security-by-Contract (SxC) paradigm, developed for providing security assurances to mobile applications, can be used for guaranteeing the security of communicating systems composed by several, heterogeneous components. These components need to communicate with each other by establishing direct, point to point connections. Direct connections can involve components sharing no common communication protocols and need a suitable interface. Enablers are in charge of providing these communication interfaces. Each component has a local security policy composed by a public and a private part. When a communication between two components has to be established, each component asks the enabler for providing a communication interface that respects its public policy. We exploit the Security-by-Contract approach for assuring that the application implementing the communication interface is always safe, i.e., it satisfies the security policies setted by components. Moreover, we present an extension of the Security-by-Contract for dealing with trust. Trust management is useful when one of the involved actors is considered to be potentially untrusted and the others want to measure its trust level.
Type de document :
Pré-publication, Document de travail
Liste complète des métadonnées

Littérature citée [12 références]  Voir  Masquer  Télécharger

Contributeur : Brigitte Briot <>
Soumis le : lundi 22 février 2010 - 15:23:44
Dernière modification le : vendredi 26 février 2010 - 13:49:19
Document(s) archivé(s) le : vendredi 18 juin 2010 - 18:49:29


Fichiers produits par l'(les) auteur(s)


  • HAL Id : inria-00458882, version 1



Gabriele Costa, Ilaria Matteucci. Enforcing private policy via security-by-Contract. 2010. 〈inria-00458882〉



Consultations de la notice


Téléchargements de fichiers