Search Results

You are looking at 1 - 2 of 2 items :

  • "Security and privacy→Systems security→Information flow control" x
Clear All

Abstract

The functionality of modern smartphones can easily be enriched by a huge number of available apps. Studies have shown that many of these apps leak private information of their users to third parties. In this article, we demonstrate how a user can ensure that the apps he installs keep his private information confidential. By means of a concrete example, we show how an informal confidentiality requirement can be formalized in the specification language RIFL and how this requirement can be verified in the app store Cassandra using the RSCP security analyser. In particular, we demonstrate how Cassandra integrates the information-flow analysis by the RSCP security analyser into the installation process of an app from the perspective of a user.

Abstract

The invasive computing paradigm offers applications the possibility to dynamically spread their computation in a multicore/multiprocessor system in a resource-aware way. If applications are assumed to act maliciously, many security problems arise. In this acticle, we discuss different ways to deal with security problems in a resource-aware way. We first formalize the attacker model and the different security requirements that applications may have in multi-core systems. We then survey different hardware and software security mechanisms that can be dynamically configured to guarantee security on demand for invasive applications.