Model Driven Configuration of Secure Operating Systems for Mobile Applications in Healthcare

Trust and assurance of mobile platforms is a prime objective when considering their deployment in security-critical scenarios such as healthcare or e-government. Currently, several complementary approaches are being pursued in parallel, ranging from purely hardware-based to operating-system-level and application-level solutions. Together, they build a “trusted and secured” technology stack. However, the very complex policy configuration mechanisms at every single layer also represent the biggest stumbling block to rapid adoption. We propose a practicable and efficient solution for leveraging operating-system-level and application-level security mechanisms to realize security-critical applications and services for healthcare scenarios.
