Open AccessThreat‐Based Declassification and Endorsement for Mobile Computing
Author(s) -
YIN Lihua,
GUO Yunchuan,
ZHANG Huibing,
HUANG Wenting,
FANG Binxing
Publication year - 2019
Publication title -
chinese journal of electronics
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.267
H-Index - 25
eISSN - 2075-5597
pISSN - 1022-4653
DOI - 10.1049/cje.2019.06.007
Subject(s) - computer science , computer security , internet privacy
Declassification and endorsement can efficiently improve the usability of mobile applications. However, both declassify and endorse operations in practice are often ad‐hoc and nondeterministic, thus, being insecure. From a new perspective of threat assessments, we propose the Threat‐based typed security π‐calculus (π TBTS ) to model declassification and endorsement in mobile computing. Intuitively, when relaxing confidentiality policies and/or integrity policies, we respectively assess threats brought by performing these two relaxes. If these threats are acceptable, the declassification and/or endorsement operations are permitted; Otherwise, they are denied. The proposed assessments have explicit security conditions, results and less open parameters, so our approach solves the problem of the ad‐hoc and nondeterministic semantics and builds a bridge between threat assessments and declassification/endorsement.