What the Heck is this application doing? - A securityby- contract architecture for pervasive services

Future pervasive environments are characterized by non-fixed architectures made of users and ubiquitous computers. They will be shaped by pervasive client downloads, i.e. new (untrusted) applications will be dynamically downloaded to make a better use of the computational power available in the ubiquitous computing environment. To address the challenges of this paradigm we propose the notion of security-by-contract (S × C), as in programming-by-contract, based on the notion of a mobile contract that a pervasive download carries with itself. It describes the relevant security features of the application and the relevant security interactions with its computing environment. The contract can be used to check it against the device policy for compliance. In this paper we describe the S × C concepts, the S × C architecture and implementation and sketch some interaction modalities of the S × C paradigm. © 2009 Elsevier Ltd. All rights reserved.