Abstract
At present, the security critical operations of terminal devices are
often being executed in the operating system, which may include security
vulnerabilities due to implementation faults, for example. These
vulnerabilities leave the system open to data leaks and attacks from viruses
or other harmful programs. The European €-Confidential ITEA research project
is developing device-independent, next-generation security solutions for
software platforms. Critical operations are executed on a simple platform
where the security operations are isolated in a separate module, which can be
physically located in a terminal device or in a separate device such as a
memory stick. This paper introduces a Secure Running Environment (SRE), in
which the core security management of the platform is located. This contains
sensible parts for the security of the operating system, middleware and
applications. The security platform alone does not guarantee an adequate level
of security. Security is a challenging and interdisciplinary field that
demands holistic understanding, and validation of the realization of the
security objectives and the solutions advancing them. The most common methods
for security assurance are security analysis, security testing and security
monitoring.
Original language | English |
---|---|
Title of host publication | Proceedings of the 4th International Conference on Software and Data Technologies 2009, ICSOFT 2009 |
Pages | 129-134 |
Volume | 2 |
Publication status | Published - 2009 |
MoE publication type | A4 Article in a conference publication |
Event | 4th International Conference on Software and Data Technologies, ICSOFT - Sofia, Bulgaria Duration: 26 Jul 2009 → 29 Jul 2009 |
Conference
Conference | 4th International Conference on Software and Data Technologies, ICSOFT |
---|---|
Country/Territory | Bulgaria |
City | Sofia |
Period | 26/07/09 → 29/07/09 |