Abstract
In this paper we propose the notion of security-by-contract, a mobile contract that an application carries with itself. The key idea of the framework is that a digital signature should not just certify the origin of the code but rather bind together the code with a contract. We provide a description of the overall life-cycle of mobile code in the setting of security-by-contract, describe a tentative structure for a contractual language and propose a number of algorithms for one of the key steps in the process, the contract-policy matching issue. We argue that security-by-contract would provide a semantics for digital signatures on mobile code thus being a step in the transition from trusted code to trustworthy code. © Springer-Verlag Berlin Heidelberg 2007.
Cite
CITATION STYLE
Dragoni, N., Massacci, F., Naliuka, K., & Siahaan, I. (2007). Security-by-contract: Toward a semantics for digital signatures on mobile code. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4582 LNCS, pp. 297–312). Springer Verlag. https://doi.org/10.1007/978-3-540-73408-6_21
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
