Computer Laboratory

Technical reports

Abstracting application-level security policy for ubiquitous computing

David J. Scott

January 2005, 186 pages

This technical report is based on a dissertation submitted September 2004 by the author for the degree of Doctor of Philosophy to the University of Cambridge, Robinson College.

Abstract

In the future world of Ubiquitous Computing, tiny embedded networked computers will be found in everything from mobile phones to microwave ovens. Thanks to improvements in technology and software engineering, these computers will be capable of running sophisticated new applications constructed from mobile agents. Inevitably, many of these systems will contain application-level vulnerabilities; errors caused by either unanticipated mobility or interface behaviour. Unfortunately existing methods for applying security policy – network firewalls – are inadequate to control and protect the hordes of vulnerable mobile devices. As more and more critical functions are handled by these systems, the potential for disaster is increasing rapidly.

To counter these new threats, this report champions the approach of using new application-level security policy languages in combination to protect vulnerable applications. Policies are abstracted from main application code, facilitating both analysis and future maintenance. As well as protecting existing applications, such policy systems can help as part of a security-aware design process when building new applications from scratch.

Three new application-level policy languages are contributed each addressing a different kind of vulnerability. Firstly, the policy language MRPL allows the creation of Mobility Restriction Policies, based on a unified spatial model which represents both physical location of objects as well as virtual location of mobile code. Secondly, the policy language SPDL-2 protects applications against a large number of common errors by allowing the specification of per-request/response validation and transformation rules. Thirdly, the policy language SWIL allows interfaces to be described as automata which may be analysed statically by a model-checker before being checked dynamically in an application-level firewall. When combined together, these three languages provide an effective means for preventing otherwise critical application-level vulnerabilities.

Systems implementing these policy languages have been built; an implementation framework is described and encouraging performance results and analysis are presented.

Full text

PDF (2.2 MB)

BibTeX record

@TechReport{UCAM-CL-TR-613,
  author =	 {Scott, David J.},
  title = 	 {{Abstracting application-level security policy for
         	   ubiquitous computing}},
  year = 	 2005,
  month = 	 jan,
  url = 	 {http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-613.pdf},
  institution =  {University of Cambridge, Computer Laboratory},
  number = 	 {UCAM-CL-TR-613}
}