|
|
|
Program 2007
| |
| | |
|
|
|
Varnostni modeli JVM za naslednjo generacijo mobilnih storitev in aplikacijBoris Dragovic, CREATE-NET, Italija
Vsebina je na voljo samo v angleškem jeziku.
In the coming years, quantity and quality of e-services for and on mobile devices will increase creating a great business opportunity for services and applications developers. Already now, many people utilize over the air services for pre-provisioned services such as e-mail, schedule and contact synchronization. Mobile devices will become more powerful (a smart phone has more computing power than a PC of 15 years ago), so that smart-phones will become common shared platforms to run different applications. In such dynamic environment, key to success will be the ability to minimize time-to-market for flexible and yet secure services/applications. While security and dependability issues are increasingly important for all computers, this is particularly true for nomadic devices such as phones. These issues become major when a user, or a corporation using mobile software to empower its workforce, wants to run on the same device many interoperating and communicating applications from different parties, each with its own security and privacy requirements. Current security model deployed at mobile platforms does not have flexibility and adaptability to cater for the co-existence of multiple-security policies on a single platform, let alone their reconciliation. In fact, the development and growth of the applications and services market for mobile phones and other portable devices is currently slowed down by the lack of a flexible and reliable security infrastructure. The virtual execution environment for mobile software and services should support the complex needs of users and applications. The development and adoption of a new generation of mobile applications depends on the end user’s ability to control the application’s behavior through the execution environment in a fine-grained manner. Again, the current security model employed at mobile platforms has no capability for fine-grained enforcement of security policies – applications are either deemed trusted and allowed full access to resources or flagged as untrusted and denied any access. To address the above challenges, we propose an extension to the Java Virtual Machine for mobile systems that supports fine-grained security policy specification and its run-time enforcement. The proposed model has been implemented in the Java 2 MicroEdition environment, demonstrating the high level of flexibility and security provided by the system while improving user experience. We believe that adoption of the proposed security model will not only lead to user-empowerment but also to opening of the mobile platform to third party application/service providers.
|
| |
|
Thursday, 27. September 2007 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Friday, 28. September 2007 |
|
|
|
|
|
|
|
|
|
|
13:35 - 15:00 |
Okrogla miza: Storitve za odprtokodne produkte ali kako zaslužiti z odprto kodo?
Andrej Kositer, Agenda OpenSystems d.o.o.
Uroš Slak, Astec d.o.o.
mag. Aleš Planina, direktor Organizacije in informatike, Ljubljanske mlekarne, d.d.
Boris Butina, Ministrstvo za javno upravo
Andrej Flogie, direktor Direktorata za informacijsko družbo na Ministrstvu za visoko šolstvo, znanost in tehnologijo
Marjan Kaligaro, TrendNET d.o.o.
|
|
|
|
|
| *Vabljeni |
|
| |