Advertisement

Higher Dependability and Security for Mobile Applications

  • Hongxia Jin
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3934)

Abstract

In this paper, we are concerned with the detection software faults and tampering of the mobile application as well as the mobile device theft. We want to disable mobile device cryptographically once either of these problems are detected. Basically the device needs to receive a new cryptographic key after each pre-set period of time in order to continue function. The mobile application execution integrity is checked by the authority when deciding whether or not to give out a new key. The detection can be done via a run-time result checking when the device connects to the authority. The authority can also proactively examine whether or not software tampering is happening. This paper will show approaches that each standalone can improve the dependability and security of a mobile application. We will show how these approaches can work together seamlessly to form a stronger scheme.

Keywords

Mobile Device Search Tree Mobile Agent Mobile Application Software Fault 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Steven Fritzinger and Marianne Mueller. Java Security (1996)Google Scholar
  2. 2.
    Wahbe, R., Lucco, S., Anderson, T.E., Graham, S.: Efficient software-based fault isolation. In: Proceedings of the ACM SIGCOMM 1996 symposium (1996)Google Scholar
  3. 3.
    Necula, G.: Proof Carrying Code. In: Proceedings of the Twenty Fourth Annual Symposium on Principles of Programming Languages (1997)Google Scholar
  4. 4.
    Libes, D.: Obfuscated C and other mysteries. Wiley, Chichester (1993)Google Scholar
  5. 5.
    Sander, T., Tschudin, C.F.: Protecting mobile agents against malicious hosts. Mobile agents and Security, pp. 44–60 (1998)Google Scholar
  6. 6.
    Vigna, G.: Cryptographic traces for mobile agents. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 137–153. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  7. 7.
    Hohl, F.: Time limited blackbox security: protecting mobile agents from malicous hosts. Mobile agents and security, pp. 92–113. Springer, Heidelberg (1998)Google Scholar
  8. 8.
    Denning, D.: An intrusion detection model. IEEE Transactions on Sofwtare engineering, vol. SE SE-13(2), 222–232 (1987)CrossRefGoogle Scholar
  9. 9.
    Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of applied cryptograghy. CRC Press, Boca Raton (1997)MATHGoogle Scholar
  10. 10.
    Jin, H., Lotspiech, J.: Proactive software tampering detection. In: Proceeding of ISC (2003)Google Scholar
  11. 11.
    Sullivan, G.F., Masson, G.M.: Using certification trails to achieve software fault tolerance. In: Digest of the 1990 Fault Tolerant Computing Symposium, pp. 423–431. IEEE Computer Society Press, Los Alamitos (1990)Google Scholar
  12. 12.
    Avizienis, A.: The N-version approach to fault tolerant software. IEEE Trans. on Software Engineering 11, 1491–1501 (1985)CrossRefGoogle Scholar
  13. 13.
    Randell, B.: System structure for software fault tolerance. IEEE Trans. on Software Engineering 1, 220–232 (1975)CrossRefGoogle Scholar
  14. 14.
    Huang, K.-H., Abraham, J.: Algorithm-based fault tolerance for matrix operations. IEEE Trans. on Computers C-33, 518–529 (1984)CrossRefMATHGoogle Scholar
  15. 15.
    Blum, M., Kannan, S.: Designing programs that check their work. In: Proceedings of the 1989 ACM Symposium on Theory of Computing, pp. 86–97. ACM Press, New York (1989)Google Scholar
  16. 16.
    Lawler, E.L., Lenstra, J.K., Rinnooy Kan, A.H.G., Shmoys, D.B.: The Traveling Salesman Problem. John Wiley and Sons Ltd., Chichester (1985)MATHGoogle Scholar
  17. 17.
    Chess, D., Grosof, B., Harrison, C., Levine, D., Paris, C., Tsudik, G.: ”Itinerant Agents for Mobile Computing”, Technical report, IBM T.J.Watson Research Center (1995)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Hongxia Jin
    • 1
  1. 1.IBM Almaden Research CenterSan JoseUSA

Personalised recommendations