Rule-Based Auditing System for Security Assurance in Ubiquitous Computing

摘要

We can use information and software of various forms without being restricted for place and time if ubiquitous computing age comes. However, its dysfunction causes security problems such as outflow of personal information, hacking and diffusion of virus. Specially, dissemination of software that has malicious purpose in ubiquitous computing environment causes serious damages. Existent detection tools are not suited to general software because they are limitative in specification area. They can not detect a newly appeared malicious code, so we must update pattern of new malicious code. In this paper, we propose rule-based auditing system that analyzes structure of target code to solve these problems, define this as rule, and detect malicious codes and software vulnerabilities. It will be used by a common software audit system because of source codes security, that's why the proposed auditing system enables to construct secure ubiquitous computing environment.