Aspect-oriented in-lined reference monitors

Authors:
Kevin W. Hamlen;Micah Jones
Affiliations:
University of Texas at Dallas, Richardson, TX, USA;University of Texas at Dallas, Richardson, TX, USA
Venue:
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Year:
2008

Citing 20
Cited 14

Temporal and modal logic

Handbook of theoretical computer science (vol. B)
Classes and mixins

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The design and implementation of a certifying compiler

PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
SASI enforcement of security policies: a retrospective

Proceedings of the 1999 workshop on New security paradigms
Enforceable security policies

ACM Transactions on Information and System Security (TISSEC)
Hyper/J: multi-dimensional separation of concerns for Java

ICSE '01 Proceedings of the 23rd International Conference on Software Engineering
An Overview of AspectJ

ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
A theory of aspects

ICFP '03 Proceedings of the eighth ACM SIGPLAN international conference on Functional programming
Java-MaC: A Run-Time Assurance Approach for Java Programs

Formal Methods in System Design
The inlined reference monitor approach to security policy enforcement

The inlined reference monitor approach to security policy enforcement
A semantics for advice and dynamic join points in aspect-oriented programming

ACM Transactions on Programming Languages and Systems (TOPLAS)
Composing security policies with polymer

Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Harmless advice

Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Computability classes for enforcement mechanisms

ACM Transactions on Programming Languages and Systems (TOPLAS)
Certified In-lined Reference Monitoring on .NET

Proceedings of the 2006 workshop on Programming languages and analysis for security
Security policy enforcement by automated program-rewriting

Security policy enforcement by automated program-rewriting
AspectML: A polymorphic aspect-oriented functional programming language

ACM Transactions on Programming Languages and Systems (TOPLAS)
Provably Correct Runtime Monitoring

FM '08 Proceedings of the 15th international symposium on Formal Methods
Java-MOP: a monitoring oriented programming environment for java

TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Enforcing non-safety security policies with program monitors

ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security

Programming languages and program analysis for security: a three-year retrospective

ACM SIGPLAN Notices
ActionScript bytecode verification with co-logic programming

Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Security Monitor Inlining for Multithreaded Java

Genoa Proceedings of the 23rd European Conference on ECOOP 2009 --- Object-Oriented Programming
Enforcing IRM security policies: two case studies

ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
Disambiguating aspect-oriented security policies

Proceedings of the 9th International Conference on Aspect-Oriented Software Development
Flexible in-lined reference monitor certification: challenges and future directions

Proceedings of the 5th ACM workshop on Programming languages meets program verification
Garbage collection for monitoring parametric properties

Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
Model-checking in-lined reference monitors

VMCAI'10 Proceedings of the 11th international conference on Verification, Model Checking, and Abstract Interpretation
Using AOP for detailed runtime monitoring instrumentation

WODA '09 Proceedings of the Seventh International Workshop on Dynamic Analysis
Aspect-Oriented runtime monitor certification

TACAS'12 Proceedings of the 18th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Security-policy monitoring and enforcement with JavaMOP

Proceedings of the 7th Workshop on Programming Languages and Analysis for Security
Efficient runtime policy enforcement using counterexample-guided abstraction refinement

CAV'12 Proceedings of the 24th international conference on Computer Aided Verification
TreeDroid: a tree automaton based approach to enforcing data processing policies

Proceedings of the 2012 ACM conference on Computer and communications security
Security Issues for Cloud Computing

International Journal of Information Security and Privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

An Aspect-Oriented, declarative, security policy specification language is presented, for enforcement by In-lined Reference Monitors. The semantics of the language establishes a formal connection between Aspect-Oriented Programming and In-lined Reference Monitoring wherein policy specifications denote Aspect-Oriented security automata---security automata whose edge labels are encoded as pointcut expressions. The prototype language implementation enforces these security policies by automatically rewriting Java bytecode programs so as to detect and prevent policy violations at runtime.