Technical report: Authorisation Issues for Mobile Code in Mobile Systems

Author: Eimear Gallery

Reference: RHUL-MA-2007-3


This thesis is concerned with authorisation issues for mobile code in mobile
systems. It is divided into three main parts. Part I covers the development
of a policy-based framework for the authorisation of mobile code and agents
by host systems. Part II addresses the secure download, storage and execution
of a conditional access application, used in the secure distribution of digital
video broadcast content. Part III explores the way in which trusted computing
technology may be used in the robust implementation of OMA DRM version 2.

In part I of this thesis, we construct a policy-based mobile code and agent
authorisation framework, with the objective of providing both mobile devices
and service providers with the ability to assign appropriate privileges to
incoming executables. Whilst mobile code and agent authorisation mechanisms have
previously been considered in a general context, this thesis focuses on the special
requirements resulting from mobile code and agent authorisation in a mobile
environment, which restrict the types of solutions that may be viable. Following
the description and analysis of a number of architectural models upon which a
policy-based framework for mobile code and agent authorisation may be
constructed, we outline a list of features desirable in the definitive underlying
architecture. Specific implementation requirements for the capabilities of the policy
and attribute certificate specification languages and the associated policy engine
are then extracted. Candidate policy specification languages, namely KeyNote
(and Nereus), Ponder (and (D)TPL) and SAML are then examined, and
conclusions drawn regarding their suitability for framework expression. Finally, the
definitive policy-based framework for mobile code and agent authorisation is

In the second part of this thesis, a flexible approach that allows consumer
products to support a wide range of proprietary content protection systems, or
more specifically digital video broadcast conditional access systems, is proposed.
Two protocols for the secure download of content protection software to mobile
devices are described. The protocols apply concepts from trusted computing to
demonstrate that a platform is in a sufficiently trustworthy state before any
application or associated keys are securely downloaded. The protocols are designed
to allow mobile devices to receive broadcast content protected by proprietary
conditional access applications. Generic protocols are first described, followed
by an analysis of how well the downloaded code is protected in transmission.
How the generic protocols may be implemented using specific trusted
computing technologies is then investigated. For each of the selected trusted computing
technologies, an analysis of how the conditional access application is protected
while in storage and while executing on the mobile host is also presented. We
then examine two previously proposed download protocols, which assume a
mobile receiver compliant with the XOM and AEGIS system architectures. Both
protocols are then analysed against the security requirements defined for secure
application download, storage and execution. We subsequently give a series
of proposed enhancements to the protocols which are designed to address the
identified shortcomings.
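The core idea of the download protocols summarised above is that the service provider releases the conditional access application and its keys only after the platform has demonstrated a trustworthy state. The following is an added illustration of that attestation-gated release, not code from the thesis or from any of the protocols it evaluates. It models a TPM 1.2-style PCR (SHA-1 extend chain) and a challenge-response quote; the quote is authenticated with an HMAC under a key the verifier already trusts, which is an assumption made to keep the example self-contained (a real design would use an attestation-identity signature). The boot component names, application bytes and key bytes are constructed sample values.

```python
import hashlib
import hmac
import secrets

PCR_LEN = 20  # TPM 1.2 PCRs are SHA-1 sized


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: new = H(old || measurement)."""
    return hashlib.sha1(pcr + measurement).digest()


def reference_pcr(components: list[bytes]) -> bytes:
    """PCR value produced by measuring a boot sequence in order (verifier's golden value)."""
    pcr = bytes(PCR_LEN)
    for component in components:
        pcr = extend(pcr, hashlib.sha1(component).digest())
    return pcr


class Platform:
    """Mobile receiver: measures its boot chain into a PCR and can quote it on request."""

    def __init__(self, attestation_key: bytes, boot_components: list[bytes]):
        self._ak = attestation_key          # assumption: HMAC key standing in for an AIK
        self.pcr = reference_pcr(boot_components)
        self.installed = None

    def quote(self, nonce: bytes) -> dict:
        # Stand-in for a TPM quote: MAC over nonce || PCR binds the state to this challenge.
        mac = hmac.new(self._ak, nonce + self.pcr, hashlib.sha256).digest()
        return {"nonce": nonce, "pcr": self.pcr, "mac": mac}


class ServiceProvider:
    """Verifier holding the known-good PCR values and the protected application."""

    def __init__(self, attestation_key: bytes, trusted_states: set, app_code: bytes, app_key: bytes):
        self._ak = attestation_key
        self._trusted = trusted_states
        self._package = (app_code, app_key)
        self._outstanding = set()           # nonces issued but not yet answered

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._outstanding.add(nonce)
        return nonce

    def verify_and_release(self, q: dict):
        if q["nonce"] not in self._outstanding:
            return None                     # unsolicited or replayed quote
        self._outstanding.discard(q["nonce"])   # every nonce is single-use
        expected = hmac.new(self._ak, q["nonce"] + q["pcr"], hashlib.sha256).digest()
        if not hmac.compare_digest(expected, q["mac"]):
            return None                     # quote was not produced by a platform we trust
        if q["pcr"] not in self._trusted:
            return None                     # platform booted software we do not recognise
        return self._package                # only now are the application and key released


def run_download(platform: Platform, provider: ServiceProvider) -> bool:
    """One full exchange: challenge -> quote -> verification -> conditional release."""
    nonce = provider.challenge()
    package = provider.verify_and_release(platform.quote(nonce))
    if package is None:
        return False
    platform.installed = package
    return True


def demo() -> dict:
    ak = secrets.token_bytes(32)
    good_boot = [b"bootloader-v1", b"kernel-v1", b"ca-runtime-v1"]   # constructed sample chain
    provider = ServiceProvider(ak, {reference_pcr(good_boot)}, b"CA-app-bytes", b"CA-key-bytes")
    good = Platform(ak, good_boot)
    modified = Platform(ak, [b"bootloader-v1", b"kernel-patched", b"ca-runtime-v1"])
    # A captured quote is accepted once for its own nonce and rejected when presented again.
    stale = good.quote(provider.challenge())
    first = provider.verify_and_release(stale) is not None
    replay = provider.verify_and_release(stale) is not None
    return {
        "good": run_download(good, provider),
        "modified": run_download(modified, provider),
        "replay_rejected": first and not replay,
    }


if __name__ == "__main__":
    print(demo())
```

The two checks in `verify_and_release` correspond to the two failure modes the thesis's analysis is concerned with: a quote that does not come from a platform the provider trusts, and a platform whose measured state differs from the reference (here, one modified boot component changes the whole extend chain). The single-use nonce set is what keeps an old quote from being reused for a later download.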

In the final section of this thesis, we examine OMA DRM version 2, which
defines the messages, protocols and mechanisms necessary in order to control
the use of digital content in a mobile environment. However, an organisation,
such as the CMLA, must specify how robust implementations of the OMA DRM
version 2 specification should be, so that content providers can be confident that
their content will be safe on OMA DRM version 2 devices. We take the
requirements extracted for the robust implementation of the OMA DRM version 2
specification and propose an implementation which meets these requirements
using the TCG architecture and TPM/TSS version 1.2 commands.

posted 21 May 2007

