Runtime monitoring systems play an important role in system security, and verification efforts that ensure these systems satisfy desirable security properties are growing in importance. One such property is complete mediation, which requires that a piece of code perform a security-sensitive operation only after the monitoring system has authorized that action. In this paper, we describe a verification technique designed to check this property directly on code from the Java standard libraries. We describe a tool, CMV, that implements the technique and automatically checks shrink-wrapped Java bytecode for complete mediation. Experimental results from running the tool over several thousand lines of bytecode from the Java libraries suggest that the approach is scalable and leads to a very significant reduction in the human effort required for system verification.
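The complete-mediation property described in the abstract is a path property over a method's control-flow graph: no execution path may reach a security-sensitive operation without first passing through an authorization check. The following is an added illustration of that check on a toy control-flow graph; it is not the CMV tool and does not reproduce its analysis of Java bytecode. The two graphs, their node names (`delete0`, `checkDelete`, `cache_hit`, and so on) and the labelling of nodes as checks or sensitive operations are constructed for the example. A node counts as a check only if every execution through it invokes the monitor, so a conditional check has to be modelled as a branch, as the second graph does.

```python
from collections import deque

# Node labels for the toy control-flow graph (constructed for this example):
# CHECK marks a node that invokes the runtime monitor (e.g. a SecurityManager
# checkXxx call), SENSITIVE marks a node that performs a protected operation.
CHECK = "check"
SENSITIVE = "sensitive"


def find_unmediated(cfg, labels, entry):
    """Return {sensitive_node: witness_path} for every sensitive node that is
    reachable from `entry` along some path containing no CHECK node.

    An empty dict means every labelled sensitive operation is completely
    mediated. The search is a BFS that refuses to expand CHECK nodes, so
    every node it visits is reached by a check-free path, and the BFS parent
    links give a concrete unmediated path to report to the reviewer.
    """
    parent = {entry: None}
    queue = deque([entry])
    violations = {}
    while queue:
        node = queue.popleft()
        if labels.get(node) == SENSITIVE:
            violations[node] = _path_to(node, parent)
        if labels.get(node) == CHECK:
            continue  # anything beyond this node is mediated on this path
        for succ in cfg.get(node, ()):
            if succ not in parent:
                parent[succ] = node
                queue.append(succ)
    return violations


def _path_to(node, parent):
    """Reconstruct the BFS path from the entry node to `node`."""
    path = []
    while node is not None:
        path.append(node)
        node = parent[node]
    return path[::-1]


# Constructed example 1: a correctly mediated delete. Every path from entry
# to the native delete0 call goes through checkDelete.
MEDIATED_CFG = {
    "entry": ["getSecurityManager"],
    "getSecurityManager": ["checkDelete"],
    "checkDelete": ["delete0"],
    "delete0": ["exit"],
    "exit": [],
}

# Constructed example 2: the same method with a cache fast path. On a cache
# hit the code jumps straight to delete0, bypassing the check. This is the
# shape of bug a complete-mediation analysis exists to find.
UNMEDIATED_CFG = {
    "entry": ["cache_lookup"],
    "cache_lookup": ["cache_hit", "cache_miss"],
    "cache_hit": ["delete0"],
    "cache_miss": ["checkDelete"],
    "checkDelete": ["delete0"],
    "delete0": ["exit"],
    "exit": [],
}

LABELS = {"checkDelete": CHECK, "delete0": SENSITIVE}


def analyze_examples():
    """Run the check over both constructed graphs and return the results."""
    return {
        "mediated": find_unmediated(MEDIATED_CFG, LABELS, "entry"),
        "unmediated": find_unmediated(UNMEDIATED_CFG, LABELS, "entry"),
    }


if __name__ == "__main__":
    for name, result in analyze_examples().items():
        if result:
            for op, path in result.items():
                print(f"{name}: {op} reachable without a check via {' -> '.join(path)}")
        else:
            print(f"{name}: all sensitive operations are mediated")
```

The analysis is sound only relative to the labelling: it reports every sensitive node that has a check-free path from the entry, but it will miss an operation that was never labelled sensitive and will treat any node labelled as a check as trusted, so the labelling of monitor entry points and protected operations is the part a practitioner has to get right before trusting the result.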