Memory-Constrained Security Enforcement

This book aims at investigating memory-constrained security by analyzing the security of Java ME-CLDC and characterizing enforceable security policies. More precisely, the main objectives are (1) evaluating and improving the security of Java ME-CLDC and (2) characterizing memory-constrained execution monitoring; an important class of security mechanisms. We conducted a vulnerability analysis of Java ME-CLDC that revealed the presence of vulnerabilities in the platform and showed how to improve the underlying security model. In addition, we conducted a risk analysis that provided a seriousness estimation of the risks associated with the uncovered vulnerabilities. To characterize memory-constrained execution monitoring, (1) we defined a new automata class, called Bounded History Automata (BHA), to specify memory-constrained EM enforcement, (2) we identified a new memory-directed taxonomy of EM-enforceable properties, and (3) we investigated the enforcement of local properties using memory-constrained EM. Our characterization covers conventional monitors as well as more powerful monitors.