Daniel Schreckling

Kynoid: real-time enforcement of fine-grained, user-defined, and data-centric security policies for android

We introduce Kynoid, a real-time monitoring and enforcement framework for Android. Kynoid is based on user-defined security policies which are defined for data-items. This allows users to define temporal, spatial, and destination constraints which have to hold for single items. We introduce an innovative approach to allow for the real-time tracking and enforcement of such policies. In this way, Kynoid is the first extension of Android which enables the sharing of resources while respecting individual security policies for the data-items stored in these resources. We outline Kynoids architecture, present its operation and discuss it in terms of applicability, performance, and usability. By providing a proof-of-concept implementation we further show the feasibility of our framework.

Kynoid: Real-time enforcement of fine-grained, user-defined, and data-centric security policies for Android

We introduce Kynoid, a real-time monitoring and enforcement framework for Android. Kynoid is based on user-defined security policies which are defined for data-items. This allows users to define temporal, spatial, and destination constraints which have to hold for single items. We introduce an innovative approach to allow for the real-time tracking and enforcement of such policies. In this way, Kynoid is the first extension for Android which enables the enforcement of security policies of data-items stored in shared resources. We outline Kynoids architecture, present its operation and discuss it in terms of applicability, and performance. By providing a proof-of-concept implementation we further show the feasibility of our framework.

COMPOSE -- A Journey from the Internet of Things to the Internet of Services

The COMPOSE project aims to unleash the full potential harbored by the Internet of Things by creating a complete ecosystem around it to enable the flourishing of a resulting Internet of Services, seamlessly integrating the real and virtual worlds. COMPOSE will achieve this through the provisioning of an open and scalable marketplace infrastructure, in which smart objects are associated to services that can be combined, managed, and integrated in a standardized way to easily build innovative applications. The resulting platform is expected to significantly strengthen the service industry in Europe.

Self-replicating and self-modifying programs in fraglets

The inherently decentralized nature of artificial chemical computing models makes them particularly attractive for building bio-inspired software with self-organizing and emergent properties. Yet it is not straightforward to construct such chemical programs, either manually or automatically. We are exploring the potential of chemical programming models for automatic programming, in the context of autonomic environments where software must operate unsupervised for unlimited periods of time. We are enhancing the Fraglets chemical language to support intrinsic genetic programming, such that programs can replicate and modify themselves during execution. The Fraglets language was originally designed to express communication protocols. We first show a few extensions towards more generic computations, then show how self- replicating and self-modifying programs can be created. This is a first step towards programs that can repair and optimize themselves in an autonomic way. We reveal a number of features and shortcomings of the language, suggesting fixes and future directions.

Symmetry structure in discrete models of biochemical systems: natural subsystems and the weak control hierarchy in a new model of computation driven by interactions

Interaction computing is inspired by the observation that cell metabolic/regulatory systems construct order dynamically, through constrained interactions between their components and based on a wide range of possible inputs and environmental conditions. The goals of this work are to (i) identify and understand mathematically the natural subsystems and hierarchical relations in natural systems enabling this and (ii) use the resulting insights to define a new model of computation based on interactions that is useful for both biology and computation. The dynamical characteristics of the cellular pathways studied in systems biology relate, mathematically, to the computational characteristics of automata derived from them, and their internal symmetry structures to computational power. Finite discrete automata models of biological systems such as the lac operon, the Krebs cycle and p53–mdm2 genetic regulation constructed from systems biology models have canonically associated algebraic structures (their transformation semigroups). These contain permutation groups (local substructures exhibiting symmetry) that correspond to ‘pools of reversibility’. These natural subsystems are related to one another in a hierarchical manner by the notion of ‘weak control’. We present natural subsystems arising from several biological examples and their weak control hierarchies in detail. Finite simple non-Abelian groups are found in biological examples and can be harnessed to realize finitary universal computation. This allows ensembles of cells to achieve any desired finitary computational transformation, depending on external inputs, via suitably constrained interactions. Based on this, interaction machines that grow and change their structure recursively are introduced and applied, providing a natural model of computation driven by interactions.

Constroid: data-centric access control for android

We introduce Constroid, a data-centric security policy management framework for Android. It defines a new middleware which allows the developer to specify well defined data items of fine granularity. For these data items, Constroid administrates security policies which are based on the usage control model. They can only be modified by the user of an application not by the applications itself. We use Con-stroids middle-ware to protect the security policies, ensure consistency between a data item and its corresponding security policy, and describe how our prototype implementation can enforce a subset of possible usage control policies. In this way, our contribution shows how we overcome the rigid API-driven approach to security in Android. The structure and implementation of our framework is presented and discussed in terms of security, performance, and usability.

A Research Framework for Interaction Computing

This paper lays out an interdisciplinary research framework that integrates perspectives from physics, biology, mathematics, and computer science to develop a vision of interaction computing. The paper recounts the main insights and lessons learned in the past six years across multiple projects, gives a current definition of the problem, and outlines a research programme for how to approach it that will guide our research over the coming years. The flavour of the research is strongly algebraic, and the bridge to specification of behaviour of automata through new formal languages is discussed in terms of category theory. The style of presentation is intuitive and conceptual as the paper is meant to provide a foundation widely accessible to an interdisciplinary audience for five threads of research in experimental cell biology, algebraic automata theory, dynamical systems theory, autopoietic architectures, and specification languages, the first four of which are represented by more focussed technical papers at this same conference.

Robustness to Code and Data Deletion in Autocatalytic Quines

Software systems nowadays are becoming increasingly complex and vulnerable to all sorts of failures and attacks. There is a rising need for robust self-repairing systems able to restore full functionality in the face of internal and external perturbations, including those that affect their own code base. However, it is difficult to achieve code self-repair with conventional programming models. We propose and demonstrate a solution to this problem based on self-replicating programs in an artificial chemistry. In this model, execution proceeds by chemical reactions that modify virtual molecules carrying code and data. Self-repair is achieved by what we call autocatalytic quines : programs that permanently reproduce their own code base. The concentration of instructions reflects the health of the system, and is kept stable by the instructions themselves. We show how the chemistry of such programs enables them to withstand arbitrary amounts of random code and data deletion, without affecting the results of their computations.

Next Generation Mobile Application Security

We review the security architectures of currently available Smartphone operating systems, with a focus on application security. Our insights are compared to security of todays Smartphones. This leads to a research agenda and features allowing for new security architectures that can address existing security problems in future Smartphone operating systems.

Notes on abstract algebra and logic: Towards their application to cell biology and security

This paper begins to chart and critically analyse the formal connections between algebra, logic, and cell biology on the one hand, and algebra, logic, and software security on the other. Much of the discussion is necessarily conceptual. Where the discussion is more formal the current distance between these disciplines appears evident. The paper focuses on the algebra of network coding, reviews the main types of algebraic and temporal logics that underpin security, and briefly discusses recent work in the application of algebra and logic to the DNA code.