Abstract
With the advent of the next generation java servlet on the smartcard, the Future Internet will be composed by web servers and clients silently yet busily running on high end smart cards in our phones and our wallets. In this brave new world we can no longer accept the current security model where programs can be downloaded on our machines just because they are vaguely “trusted”. We want to know what they do in more precise details.
We claim that the Future Internet needs the notion of security-by-contract: In a nutshell, a contract describes the security relevant interactions that the smart internet application could have with the smart devices hosting them. Compliance with contracts should verified at development time, checked at depolyment time and contracts should be accepted by the platform before deployment and possibly their enforcement guaranteed, for instance by in-line monitoring.
In this paper we describe the challenges that must be met in order to develop a security-by-contract framework for the Future Internet and how security research can be changed by it.
Research partly supported by the Projects EU-FP6-IST-STREP-S3MS, EU-FP6-IP-SENSORIA, and EU-FP7-IP-MASTER. We would like to thank Eric Vetillard for pointing to us the domain of Next Generation Java Card as the Challenge for the Future Internet.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Channel 4. 4od (2008), http://www.channel4.com/4od/index.html
Aktug, I., Naliuka, K.: Conspec - a formal language for policy specification. In: Proc. of the 1st Workshop on Run Time Enforcement for Mobile and Distributed Systems, REM 2007 (2007)
Atkinson, B., Della-Libera, G., Hada, S., Hondo, M., Hallam-Baker, P., Klein, J., LaMacchia, B., Leach, P., Manferdelli, J., Maruyama, H., Nadalin, A., Nagaratnam, N., Prafullchandra, H., Shewchuk, J., Simon, D.: Web Services Security. Microsoft, IBM, VeriSign, 1st edn (April 2002) (October 25, 2005), http://www-128.ibm.com/developerworks/webservices/library/ws-secure/
Bauer, L., Ligatti, J., Walker, D.: Edit automata: Enforcement mechanisms for run-time security policies. Int. J. of Inform. Sec. 4(1-2), 2–16 (2005)
Bielova, N., Dalla Torre, M., Dragoni, N., Siahaan, I.: Matching policies with security claims of mobile applications. In: Proc. of the 3rd Int. Conf. on Availability, Reliability and Security (ARES 2008). IEEE Press, Los Alamitos (2008)
Clarke, E.M., Grumberg, O., Peled, D.A.: Model Checking. MIT Press, Cambridge (2000)
Courcoubetis, C., Vardi, M.Y., Wolper, P., Yannakakis, M.: Memory-efficient algorithms for the verification of temporal properties. Formal Methods in Sys. Design 1(2-3), 275–288 (1992)
Dam, M., Lundblad, A.: A proof carrying code framework for inlined reference monitors in Java bytecode (submitted, 2008)
Della-Libera, G., Gudgin, M., Hallam-Bakerand, P., Hondo, M., Granqvist, H., Kaler, C., Maruyama, H., McIntosh, M., Nadalin, A., Nagaratnam, N., Philpott, R., Prafullchandra, H., Shewchuk, J., Walter, D., Zolfonoon, R.: Web Services Security Policy Language. IBM and Microsoft and RSA Security and VeriSign (2005)
Desmet, L., Joosen, W., Massacci, F., Philippaerts, P., Piessens, F., Siahaan, I., Vanoverberghe, D.: Security-by-contract on the.net platform. Information Security Technical Report 13(1), 25–32 (2008)
Dragoni, N., Massacci, F., Naliuka, K., Siahaan, I.: Security-by-Contract: Toward a Semantics for Digital Signatures on Mobile Code. In: López, J., Samarati, P., Ferrer, J.L. (eds.) EuroPKI 2007. LNCS, vol. 4582, pp. 297–312. Springer, Heidelberg (2007)
Erlingsson, U., Schneider, F.B.: SASI enforcement of security policies: A retrospective. In: WNSP: New Security Paradigms Workshop. ACM Press, New York (2000)
Erlingsson, U., Schneider, F.B.: IRM enforcement of Java stack inspection. In: IEEE Symposium on Security and Privacy, pp. 246–255 (2000)
Ferrari, G.L., Gnesi, S., Montanari, U., Pistore, M.: A model-checking verification environment for mobile processes. ACM Trans. Softw. Eng. Methodol. 12(4), 440–473 (2003)
Gong, L., Ellison, G., Dageforde, M.: Inside Java 2 Platform Security: Architecture, Api Design, and Implementation. Addison-Wesley Professional, Reading (2003)
Goth, G.: The ins and outs of it outsourcing. IT Professional 1, 11–14 (1999)
Hamlen, K.W., Morrisett, G., Schneider, F.B.: Computability classes for enforcement mechanisms. TOPLAS 28(1), 175–205 (2006)
Handy, C.: Trust and the virtual organization. Harvard Business Review 73, 40–50 (1995)
Hendry, M.: Smart Card Security and Applications, 2nd edn. Artech House (2001)
Howard, M., LeBlanc, D.: Writing Secure Code, 2nd edn. Microsoft Press, Redmond (2002)
Kaminski, M., Francez, N.: Finite-memory automata. Theor. al Comp. Sci. 134(2), 329–363 (1994)
Karabulut, Y., Kerschbaum, F., Massacci, F., Robinson, P., Yautsiukhin, A.: Security and trust in it business outsourcing: a manifesto. In: Etalle, S., Samarati, P. (eds.) Proceedings of STM 2006. ENTCS. Elsevier, Amsterdam (2006)
Karjoth, G., Pfitzmann, B., Schunter, M., Waidner, M.: Service-oriented Assurance - Comprehensive Security by Explicit Assurances. In: Proc. of QoP 2005 (2005)
LaMacchia, B., Lange, S.:NET Framework security. Addison Wesley, Reading (2002)
Massacci, F., Siahaan, I.: Matching midlet’s security claims with a platform security policy using automata modulo theory. In: Proc. of The 12th Nordic Workshop on Secure IT Systems, NordSec 2007 (2007)
Massacci, F., Siahaan, I.S.R.: Simulating midlet’s security claims with automata modulo theory. In: Proc. of the 2008 workshop on Prog. Lang. and analysis for security, pp. 1–9. ACM, New York (2008)
Montanari, U., Pistore, M.: History-dependent automata. Technical Report TR-98-11, Dip. Informatica, University of Pisa, 5 (1998)
Necula, G.C.: Proof-carrying code. In: Proc. of the 24th ACM SIGPLAN-SIGACT Symp. on Princ. of Prog. Lang, pp. 106–119. ACM Press, New York (1997)
CNET Networks. Channel 4’s 4od: Tv on demand, at a price. Crave Webzine (January 2007)
Neven, F., Schwentick, T., Vianu, V.: Finite state machines for strings over infinite alphabets. TOCL 5(3), 403–435 (2004)
Schneider, F.B.: Enforceable security policies. TISSEC 3(1), 30–50 (2000)
Sekar, R., Venkatakrishnan, V.N., Basu, S., Bhatkar, S., DuVarney, D.C.: Model-carrying code: a practical approach for safe execution of untrusted applications. In: Proc. of the 19th ACM Symp. on Operating Sys. Princ., pp. 15–28. ACM Press, New York (2003)
Smans, J., Jacobs, B., Piessens, F.: Static verification of code access security policy compliance of.net applications. Journal of Object Technology 5(3), 35–58 (2006)
Talhi, C., Tawbi, N., Debbabi, M.: Execution monitoring enforcement under memory-limitation constraints. Inform. and Comp. 206(2-4), 158–184 (2007)
Vanoverberghe, D., Philippaerts, P., Desmet, L., Joosen, W., Piessens, F., Naliuka, K., Massacci, F.: A flexible security architecture to support third-party applications on mobile devices. In: Proc. of the 1st ACM Comp. Sec. Arch. Workshop (2007)
Vanoverberghe, D., Piessens, F.: A caller-side inline reference monitor for an object-oriented intermediate language. In: Barthe, G., de Boer, F.S. (eds.) FMOODS 2008. LNCS, vol. 5051, pp. 240–258. Springer, Heidelberg (2008)
Vanoverberghe, D., Piessens, F.: Security enforcement aware software development. Information and Software Technology (2008), doi:10.1016/j.infsof.2008.01.009
Veanes, M., Campbell, C., Schulte, W., Tillmann, N.: Online testing with model programs. In: ESEC/FSE-13: Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering, pp. 273–282. ACM, New York (2005)
Wallach, D.S., Appel, A.W., Felten, E.W.: Safkasi: a security mechanism for language-based systems. ACM Trans. Softw. Eng. Methodol. 9(4), 341–378 (2000)
Yee, B.S.: A sanctuary for mobile agents. In: Vitek, J., Jensen, C.D. (eds.) Secure Internet Programming. LNCS, vol. 1603, pp. 261–273. Springer, Heidelberg (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Massacci, F., Piessens, F., Siahaan, I. (2009). Security-By-Contract for the Future Internet. In: Domingue, J., Fensel, D., Traverso, P. (eds) Future Internet – FIS 2008. FIS 2008. Lecture Notes in Computer Science, vol 5468. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00985-3_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-00985-3_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00984-6
Online ISBN: 978-3-642-00985-3
eBook Packages: Computer ScienceComputer Science (R0)