At present, the security critical operations of terminal devices are often being executed in the operating system, which may include security vulnerabilities due to implementation faults, for example. These vulnerabilities leave the system open to data leaks and attacks from viruses or other harmful programs. The European €-Confidential ITEA research project is developing device-independent, next-generation security solutions for software platforms. Critical operations are executed on a simple platform where the security operations are isolated in a separate module, which can be physically located in a terminal device or in a separate device such as a memory stick. This paper introduces a Secure Running Environment (SRE), in which the core security management of the platform is located. This contains sensible parts for the security of the operating system, middleware and applications. The security platform alone does not guarantee an adequate level of security. Security is a challenging and interdisciplinary field that demands holistic understanding, and validation of the realization of the security objectives and the solutions advancing them. The most common methods for security assurance are security analysis, security testing and security monitoring.
|Title of host publication||Proceedings of the 4th International Conference on Software and Data Technologies 2009, ICSOFT 2009|
|Publication status||Published - 2009|
|MoE publication type||A4 Article in a conference publication|
|Event||4th International Conference on Software and Data Technologies, ICSOFT - Sofia, Bulgaria|
Duration: 26 Jul 2009 → 29 Jul 2009
|Conference||4th International Conference on Software and Data Technologies, ICSOFT|
|Period||26/07/09 → 29/07/09|