TAILIEUCHUNG - Next Generation Mobile Systems 3G and Beyond, part 10

346 SECURITY POLICY ENFORCEMENT FOR DOWNLOADED CODE

• the code author's name and address do not prove that the code is safe;
• the user may not have time to investigate the code author's reputation;
• even if the code author is well intentioned, he may have written unsafe code by accident;
• if the code is unsafe, many users must complain before the CA revokes its certificate, and these users' systems have already been damaged by the code;
• once the CA revokes the certificate, news of the revocation must reach the user.

For these reasons, the user cannot rely solely on authority and reputation. He therefore requires a security manager to inspect or monitor the actual downloaded code.

A security manager must satisfy several security requirements (see Saltzer and Schroeder 1975 for a more complete list):

• Time: The security manager must be as fast as possible. Because consumers judge phones on the basis of price, a phone's processor power and memory are critical resources. That is, any overhead use of processor or memory increases the cost of the phone.
• Space: For similar reasons, the security manager must be as small as possible. Since most managers do not store significant amounts of data, the manager's size is determined mainly by the size of its code, which grows with complexity.
• Flexibility: Users and administrators need to specify security policies in considerable detail, so the more control they have, the better. At the same time, users do not want to pay for unnecessary features.
• Binary code: Because speed is critical, the security manager must safely execute downloaded machine code, not just bytecode.
• TCB size: In order to be as reliable as possible, the security manager's trusted computing base (TCB) must be small and easy to verify.
We can divide the safety checks that a security manager performs into several broad categories:

• Type safety: Operations must conform to published interfaces.
• Memory safety: Downloaded code can only access certain memory regions. The safety policy may describe regions
