Verification of Security-Relevant Behavior Model and Security Policy for Model-Carrying Code

  • Yonglong Wei
  • Xiaojuan Zheng
  • Jinglei Ren
  • Xudong Zheng
  • Chen Sun
  • Zhenhao Li
Conference paper

DOI: 10.1007/978-3-642-10847-1_19

Part of the Communications in Computer and Information Science book series (CCIS, volume 58)
Cite this paper as:
Wei Y., Zheng X., Ren J., Zheng X., Sun C., Li Z. (2009) Verification of Security-Relevant Behavior Model and Security Policy for Model-Carrying Code. In: Ślęzak D., Kim T., Fang WC., Arnett K.P. (eds) Security Technology. SecTech 2009. Communications in Computer and Information Science, vol 58. Springer, Berlin, Heidelberg

Abstract

This article presents a method of verifying the safety of untrusted mobile code, using the model of security-relevant behaviors of code. This method verifies whether models violate users’ security policies to help users decide which programs to run and which not, and hence ensures the security of users’ systems and devices. Based on the framework of model-carrying code, we make several improvements: using the extended pushdown automaton (EPDA) as the program behavior model, reducing ambiguity in regular expressions over events (REE), proposing a new verification algorithm according to above significant improvements.

Keywords

mobile code security verification behavior model security policy model-carrying code 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Yonglong Wei
    • 1
  • Xiaojuan Zheng
    • 1
  • Jinglei Ren
    • 1
  • Xudong Zheng
    • 1
  • Chen Sun
    • 1
  • Zhenhao Li
    • 1
  1. 1.School of SoftwareNortheast Normal UniversityChangchunChina

Personalised recommendations