Cryptography Reference
In-Depth Information
semantic descriptions of APIs or labeled data with attached security policies, and
b) a focus on specific security issues will help to advance such analytical processes
towards being fully automated.
Whilst the effort for designing and running such a framework on mobile platforms
is relatively high, the gain in terms of security and flexibility can be huge. As an
example, imagine that malicious flows of information within an application could
be detected. Existing smartphone security frameworks cannot detect such
vulnerabilities as they mainly ensure the validity of the initial access to a resource.
Further, new types of application frameworks can emerge: it could become
possible to dynamically adapt applications in response to contextual feedback;
vulnerabilities or information flows which do not comply with the security
requirements a user has specified for particular data could then also be detected.
10.4.3 Adaptive Security Architectures
We further extend our consideration of automated analysis processes which are
supported by information partially provided by the user in terms of security
policies tagged to his private data:
If automated mechanisms able to identify specific security problems were
available, we could also generate a feedback loop back to the user. Using the same
information provided by a user, deploying appropriate inference processes, and
combining this information with the output of our analytical process, we could not
only deliver system feedback which the user can actually understand; we could
also reduce the amount of security feedback and automate security
decisions.
As an example, consider a data item which a user specified as being confidential.
Further, assume that this data item should be processed by an application which
has access to this confidential item but transmits it to a trusted third party using an
insecure channel. An automated static analysis process could detect this data
leakage and alert the user. While the dynamic version of this scenario is already
available in Android [EGC+09], our expectations go one step further: the analysis
process can not only determine unsatisfied constraints; often it can also provide the
location within the path of the information and/or control flow at which the
constraints are not satisfied. The combination of this location and the unsatisfied
constraints with a predefined set of security primitives able to satisfy mismatched
constraints will allow the automated manipulation of applications to make them
satisfy these constraints. The result would be a dynamic security architecture
which can be implanted into applications to meet changing security requirements
or to account for changed assumptions.
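The loop described above (analyse, locate the unsatisfied constraint, insert a matching primitive) can be sketched as follows. This is an added example, not code from the book or from [EGC+09]; the flow model, step names, policy labels and primitive catalogue are all hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Step:
    name: str
    provides: frozenset = frozenset()  # protections this step adds to the data
    exposes: bool = False              # True if the data leaves the application here
    channel: frozenset = frozenset()   # protections the channel itself offers

# Constructed catalogue of security primitives, keyed by the constraint they satisfy.
PRIMITIVES = {
    "confidentiality": Step("encrypt_for_recipient", provides=frozenset({"confidentiality"})),
    "integrity": Step("attach_mac", provides=frozenset({"integrity"})),
}

def analyse(path, policy):
    """Return (index, unsatisfied) for the first step violating the policy, else None."""
    protections = set()
    for i, step in enumerate(path):
        protections |= step.provides
        if step.exposes:
            missing = set(policy) - protections - step.channel
            if missing:
                return i, missing
    return None

def adapt(path, policy):
    """Insert primitives in front of each violating location until the policy holds."""
    path = list(path)
    while (finding := analyse(path, policy)) is not None:
        index, missing = finding
        unknown = missing - set(PRIMITIVES)
        if unknown:
            # No primitive can repair this; the decision goes back to the user.
            raise ValueError(f"no primitive for {sorted(unknown)} at {path[index].name}")
        path[index:index] = [PRIMITIVES[c] for c in sorted(missing)]
    return path

# Constructed flow: a confidential item is read, serialized and sent over plain HTTP.
APP_PATH = [Step("read_contact"), Step("serialize"), Step("send_http", exposes=True)]
USER_POLICY = {"confidentiality"}

if __name__ == "__main__":
    print(analyse(APP_PATH, USER_POLICY))
    print([s.name for s in adapt(APP_PATH, USER_POLICY)])
```

Constraints with no entry in the catalogue raise an error instead of being silently ignored, which corresponds to the case where the decision cannot be automated and must be fed back to the user.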