Digital Library

cab1

 
Title:      EXPLAINED SECURITY POLICIES FOR MANAGING PER-PROGRAM ACCESS CONTROL ON MOBILE DEVICES
Author(s):      Peter Trommler
ISBN:      978-972-8939-19-9
Editors:      Hans Weghorn, Jörg Roth and Pedro Isaías
Year:      2010
Edition:      Single
Keywords:      Access control, security policy, explained security policy
Type:      Reflection Paper
First Page:      235
Last Page:      238
Language:      English
Cover:      cover          
Full Contents:      click to dowload Download
Paper Abstract:      Distributing software to mobile devices over the Internet has become an efficient way to deliver applications to the end-user. Several security mechanisms are currently deployed that assume either code is not trusted at all and thus must be confined to a sandbox or it is completely trusted and hence is granted full access. In this paper we propose a security model that offers a middle ground based on the principle of least privilege. An application will be granted access to resources needed for its purpose but no more. The increased flexibility of access control leads to increased complexity to configure access control policies. Explained security policies securely associate security policies with one or more explanations and enable end-users to select an appropriate level of access.
   

Social Media Links

Search

Login