Threat‐Based Declassification and Endorsement for Mobile Computing

Declassification and endorsement can efficiently improve the usability of mobile applications. However, both declassify and endorse operations in practice are often ad‐hoc and nondeterministic, thus, being insecure. From a new perspective of threat assessments, we propose the Threat‐based typed security π‐calculus (π TBTS ) to model declassification and endorsement in mobile computing. Intuitively, when relaxing confidentiality policies and/or integrity policies, we respectively assess threats brought by performing these two relaxes. If these threats are acceptable, the declassification and/or endorsement operations are permitted; Otherwise, they are denied. The proposed assessments have explicit security conditions, results and less open parameters, so our approach solves the problem of the ad‐hoc and nondeterministic semantics and builds a bridge between threat assessments and declassification/endorsement.