Higher Dependability and Security for Mobile Applications
In this paper, we are concerned with the detection software faults and tampering of the mobile application as well as the mobile device theft. We want to disable mobile device cryptographically once either of these problems are detected. Basically the device needs to receive a new cryptographic key after each pre-set period of time in order to continue function. The mobile application execution integrity is checked by the authority when deciding whether or not to give out a new key. The detection can be done via a run-time result checking when the device connects to the authority. The authority can also proactively examine whether or not software tampering is happening. This paper will show approaches that each standalone can improve the dependability and security of a mobile application. We will show how these approaches can work together seamlessly to form a stronger scheme.
KeywordsMobile Device Search Tree Mobile Agent Mobile Application Software Fault
Unable to display preview. Download preview PDF.
- 1.Steven Fritzinger and Marianne Mueller. Java Security (1996)Google Scholar
- 2.Wahbe, R., Lucco, S., Anderson, T.E., Graham, S.: Efficient software-based fault isolation. In: Proceedings of the ACM SIGCOMM 1996 symposium (1996)Google Scholar
- 3.Necula, G.: Proof Carrying Code. In: Proceedings of the Twenty Fourth Annual Symposium on Principles of Programming Languages (1997)Google Scholar
- 4.Libes, D.: Obfuscated C and other mysteries. Wiley, Chichester (1993)Google Scholar
- 5.Sander, T., Tschudin, C.F.: Protecting mobile agents against malicious hosts. Mobile agents and Security, pp. 44–60 (1998)Google Scholar
- 7.Hohl, F.: Time limited blackbox security: protecting mobile agents from malicous hosts. Mobile agents and security, pp. 92–113. Springer, Heidelberg (1998)Google Scholar
- 10.Jin, H., Lotspiech, J.: Proactive software tampering detection. In: Proceeding of ISC (2003)Google Scholar
- 11.Sullivan, G.F., Masson, G.M.: Using certification trails to achieve software fault tolerance. In: Digest of the 1990 Fault Tolerant Computing Symposium, pp. 423–431. IEEE Computer Society Press, Los Alamitos (1990)Google Scholar
- 15.Blum, M., Kannan, S.: Designing programs that check their work. In: Proceedings of the 1989 ACM Symposium on Theory of Computing, pp. 86–97. ACM Press, New York (1989)Google Scholar
- 17.Chess, D., Grosof, B., Harrison, C., Levine, D., Paris, C., Tsudik, G.: ”Itinerant Agents for Mobile Computing”, Technical report, IBM T.J.Watson Research Center (1995)Google Scholar