A Formal Specification of the MIDP 2.0 Security Model

* Final gross prices may vary according to local VAT.

Get Access

Abstract

This paper presents, to the best of our knowledge, the first formal specification of the application security model defined by the Mobile Information Device Profile 2.0 for Java 2 Micro Edition. The specification, which has been formalized in Coq, provides an abstract representation of the state of a device and the security-related events that allows to reason about the security properties of the platform where the model is deployed. We state and sketch the proof of some desirable properties of the security model. Although the abstract specification is not executable, we describe a refinement methodology that leads to an executable prototype.

This work is partially funded by the IST program of the European Commission, FET under the MOBIUS project, the INRIA-Microsoft Joint Research Laboratory, and STIC-AmSud under the ReSeCo project.