DidaWiki

The growing diffusion of computational entities and their composition in networks has made security a critical issue for every phase of the software lifecycle. Indeed, the modern scenarios present a complexity degree that only few years ago was unpredictable. The internet represents the clearest example. It offers a panorama of services that seems to be unlimited, also involving the client side in several ways. From the mere exchange of messages and contents sharing to the creation of distributed environments and large scale applications, the examples of contexts needing security assurances are uncountable. The internet is a continuously evolving entity and the myriad of its contributors can not be kept under control. In this presentation, we briefly survey on some of the most common conditions under which security guarantees are crucial. In particular, we consider the security issues arising under three different assumptions. Firstly, we discuss the problem of safely executing mobile code on some trusted platform. In particular, we take into account two different scenarios: standard environments and resource limited mobile devices. Then, we analyse the case in which two actors cooperate to the definition of a mediator, namely a connector, that must comply with the requirements of the two sides. Finally, we present a framework using the security requirements of services for statically finding a safe composition and, where not possible, for computing prerequisite policies. Prerequisites can be dynamically checked for finding a safe composition at runtime.