Section: Contracts and Grants with Industry

European FET-Integrated project MOBIUS

Participants : Thomas Jensen, Frédéric Besson, David Pichardie, Tiphaine Turpin.

Mobius (IST-15905) is an Integrated Project launched under the FET Global Computing Proactive Initiative. The project has started on September 1st 2005 for 48 months and involves 16 partners. The goal of this project is to develop the technology for establishing trust and security for mobile devices using the Proof Carrying Code (PCC) paradigm. Proof Carrying Code is a technique for downloading mobile code on a host machine while ensuring that the code adheres to the host's security policy. The basic idea is that the code producer sends the code with a formal proof that the code is secure. Upon reception of the code, the receiver uses a simple and fast proof validator to check, with certainty, that the proof is valid and hence the untrusted code is safe to execute.

In this project, we participate in the specification of security requirements and resource policies to be studied throughout the project. We have contributed with techniques for generating small and easy to check PCC certificates for resource-aware static analyses. One of the major achievement of the project has been to run PCC checkers on resource-constrained mobile devices.