Specifying Context-Aware Runtime Security Policies using an Algebraic Policy Specification Language

T. Watanabe, K. Yamada, and N. Nagatou (Japan)


Programming Tools and Languages, Security, Policy Spec ification, Java Virtual Machine


This paper reports our ongoing work towards a novel se cure execution scheme of mobile objects that are especially utilized to extend, reconfigure or maintain a dynamically extensible and/or context-aware systems. The overall mo tivation is to develop a security architecture that protects the systems and the privacy of their users from potentially malicious mobile objects. Our security architecture, called Taurus-1, adopts monitored execution as a basic security enforcement mechanism. To describe security policies we designed an algebraic policy description language Polaris, in which we can specify a policy as a collection of hierar chically described process modules. We show how Taurus 1 can provide a security enhancement mechanism for such extensible and/or context-aware systems and then discuss how to specify security policies for them.

Important Links:

Go Back