Threat-Based Declassification and Endorsement for Mobile Computing  被引量：2

作　　者：YIN Lihua GUO Yunchuan ZHANG Huibing HUANG Wenting FANG Binxing 

机构地区：[1]Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou 510006, China [2]The State Key Laboratory of Information Security, Institute of Information Engineering, CAS, Beijing 100093, China [3]Guangxi Key Lab of Trusted Software, Guilin University of Electronic Technology, Guilin 541000, China [4]The National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing 100029, China

出　　处：《Chinese Journal of Electronics》2019年第5期1041-1052,共12页电子学报（英文版）

基　　金：supported by the National High Technology Research and Development Program(No.2015AA016007);National Natural Science Foundation of China(No.61672515,No.61662013);Guangxi Natural Science Foundation(No.2017GXNSFAA198372)

摘　　要：Declassification and endorsement can efficiently improve the usability of mobile applications.However, both declassify and endorse operations in practice are often ad-hoc and nondeterministic, thus, being insecure. From a new perspective of threat assessments,we propose the Threat-based typed security π-calculus(πTBTS) to model declassification and endorsement in mobile computing. Intuitively, when relaxing confidentiality policies and/or integrity policies, we respectively assess threats brought by performing these two relaxes. If these threats are acceptable, the declassification and/or endorsement operations are permitted;Otherwise, they are denied. The proposed assessments have explicit security conditions, results and less open parameters,so our approach solves the problem of the ad-hoc and nondeterministic semantics and builds a bridge between threat assessments and declassification/endorsement.Declassification and endorsement can efficiently improve the usability of mobile applications.However, both declassify and endorse operations in practice are often ad-hoc and nondeterministic, thus, being insecure. From a new perspective of threat assessments,we propose the Threat-based typed security π-calculus(πTBTS) to model declassification and endorsement in mobile computing. Intuitively, when relaxing confidentiality policies and/or integrity policies, we respectively assess threats brought by performing these two relaxes. If these threats are acceptable, the declassification and/or endorsement operations are permitted; Otherwise, they are denied. The proposed assessments have explicit security conditions, results and less open parameters,so our approach solves the problem of the ad-hoc and nondeterministic semantics and builds a bridge between threat assessments and declassification/endorsement.

关 键 词：Declassification ENDORSEMENT THREAT ASSESSMENT MOBILE COMPUTING Π-CALCULUS 

分 类 号：TN[电子电信]