A model-based approach to integrating security policies for embedded devices

Michael McDougall; Rajeev Alur; Carl A. Gunter

doi:10.1145/1017753.1017789

A model-based approach to integrating security policies for embedded devices

Michael McDougall, Rajeev Alur, Carl A. Gunter

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Embedded devices like smartcards can now run multiple interacting applications. A particular challenge in this domain is to dynamically integrate diverse security policies. In this paper we show how a framework based on a concise formal model lets us securely customize a payment card equipped with a programmable chip. We present policy automata, a formal model of computations that grant or deny access to a resource. This model combines defeasible logic with state machines, representing complex policies as combinations of simpler modular policies. We use the model in a framework for specifying, merging and analyzing modular policies. This framework is implemented as Polaris, a tool which analyzes policy automata to reveal potential conflicts or redundancies, and compiles automata into Java Card applets.

Original language	English (US)
Title of host publication	EMSOFT 2004 - Fourth ACM International Conference on Embedded Software
Publisher	Association for Computing Machinery
Pages	211-219
Number of pages	9
ISBN (Print)	1581138601, 9781581138603
DOIs	https://doi.org/10.1145/1017753.1017789
State	Published - 2004
Externally published	Yes
Event	EMSOFT 2004 - Fourth ACM International Conference on Embedded Software - Pisa, Italy Duration: Sep 27 2004 → Sep 29 2004

Publication series

Name	EMSOFT 2004 - Fourth ACM International Conference on Embedded Software

Other

Other	EMSOFT 2004 - Fourth ACM International Conference on Embedded Software
Country/Territory	Italy
City	Pisa
Period	9/27/04 → 9/29/04

Keywords

Java Cards
Model Based Design
Policy Integration
Smartcards

ASJC Scopus subject areas

General Engineering

Online availability

10.1145/1017753.1017789

Library availability

Discover UIUC Full Text

Cite this

A model-based approach to integrating security policies for embedded devices. / McDougall, Michael; Alur, Rajeev; Gunter, Carl A.
EMSOFT 2004 - Fourth ACM International Conference on Embedded Software. Association for Computing Machinery, 2004. p. 211-219 (EMSOFT 2004 - Fourth ACM International Conference on Embedded Software).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

McDougall, M, Alur, R & Gunter, CA 2004, A model-based approach to integrating security policies for embedded devices. in EMSOFT 2004 - Fourth ACM International Conference on Embedded Software. EMSOFT 2004 - Fourth ACM International Conference on Embedded Software, Association for Computing Machinery, pp. 211-219, EMSOFT 2004 - Fourth ACM International Conference on Embedded Software, Pisa, Italy, 9/27/04. https://doi.org/10.1145/1017753.1017789

@inproceedings{74e734a6a81049418c1b6d9273cc512b,

title = "A model-based approach to integrating security policies for embedded devices",

abstract = "Embedded devices like smartcards can now run multiple interacting applications. A particular challenge in this domain is to dynamically integrate diverse security policies. In this paper we show how a framework based on a concise formal model lets us securely customize a payment card equipped with a programmable chip. We present policy automata, a formal model of computations that grant or deny access to a resource. This model combines defeasible logic with state machines, representing complex policies as combinations of simpler modular policies. We use the model in a framework for specifying, merging and analyzing modular policies. This framework is implemented as Polaris, a tool which analyzes policy automata to reveal potential conflicts or redundancies, and compiles automata into Java Card applets.",

keywords = "Java Cards, Model Based Design, Policy Integration, Smartcards",

author = "Michael McDougall and Rajeev Alur and Gunter, {Carl A.}",

year = "2004",

doi = "10.1145/1017753.1017789",

language = "English (US)",

isbn = "1581138601",

series = "EMSOFT 2004 - Fourth ACM International Conference on Embedded Software",

publisher = "Association for Computing Machinery",

pages = "211--219",

booktitle = "EMSOFT 2004 - Fourth ACM International Conference on Embedded Software",

address = "United States",

note = "EMSOFT 2004 - Fourth ACM International Conference on Embedded Software ; Conference date: 27-09-2004 Through 29-09-2004",

}

TY - GEN

T1 - A model-based approach to integrating security policies for embedded devices

AU - McDougall, Michael

AU - Alur, Rajeev

AU - Gunter, Carl A.

PY - 2004

Y1 - 2004

N2 - Embedded devices like smartcards can now run multiple interacting applications. A particular challenge in this domain is to dynamically integrate diverse security policies. In this paper we show how a framework based on a concise formal model lets us securely customize a payment card equipped with a programmable chip. We present policy automata, a formal model of computations that grant or deny access to a resource. This model combines defeasible logic with state machines, representing complex policies as combinations of simpler modular policies. We use the model in a framework for specifying, merging and analyzing modular policies. This framework is implemented as Polaris, a tool which analyzes policy automata to reveal potential conflicts or redundancies, and compiles automata into Java Card applets.

AB - Embedded devices like smartcards can now run multiple interacting applications. A particular challenge in this domain is to dynamically integrate diverse security policies. In this paper we show how a framework based on a concise formal model lets us securely customize a payment card equipped with a programmable chip. We present policy automata, a formal model of computations that grant or deny access to a resource. This model combines defeasible logic with state machines, representing complex policies as combinations of simpler modular policies. We use the model in a framework for specifying, merging and analyzing modular policies. This framework is implemented as Polaris, a tool which analyzes policy automata to reveal potential conflicts or redundancies, and compiles automata into Java Card applets.

KW - Java Cards

KW - Model Based Design

KW - Policy Integration

KW - Smartcards

UR - http://www.scopus.com/inward/record.url?scp=27644562412&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=27644562412&partnerID=8YFLogxK

U2 - 10.1145/1017753.1017789

DO - 10.1145/1017753.1017789

M3 - Conference contribution

AN - SCOPUS:27644562412

SN - 1581138601

SN - 9781581138603

T3 - EMSOFT 2004 - Fourth ACM International Conference on Embedded Software

SP - 211

EP - 219

BT - EMSOFT 2004 - Fourth ACM International Conference on Embedded Software

PB - Association for Computing Machinery

T2 - EMSOFT 2004 - Fourth ACM International Conference on Embedded Software

Y2 - 27 September 2004 through 29 September 2004

ER -

A model-based approach to integrating security policies for embedded devices

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this