A common mechanism for ensuring that software behaves securely is to monitor programs at run time and check that they dynamically adhere to constraints specified by a security policy. Whenever a program monitor detects that untrusted software is attempting to execute a dangerous action, it takes remedial steps to ensure that only safe code actually gets executed. This article improves our understanding of the space of policies enforceable by monitoring the run-time behaviors of programs. We begin by building a formal framework for analyzing policy enforcement: we precisely define policies, monitors, and enforcement. This framework allows us to prove that monitors enforce an interesting set of policies that we call the infinite renewal properties. We show how to construct a program monitor that provably enforces any reasonable infinite renewal property. We also show that the set of infinite renewal properties includes some nonsafety policies, that is, that monitors can enforce some nonsafety (including some purely liveness) policies. Finally, we demonstrate concrete examples of nonsafety policies enforceable by practical run-time monitors.
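The kind of monitor the abstract describes can be sketched as follows. This is an added example, not code from the article. It assumes the policy is given as a predicate on finite traces and that an infinite run counts as valid when it has infinitely many valid prefixes; the names `renewal_monitor` and `balanced` and the `open`/`write`/`close` actions are hypothetical.

```python
from typing import Callable, Iterable, List, Sequence

Action = str

def renewal_monitor(is_valid: Callable[[Sequence[Action]], bool],
                    actions: Iterable[Action]) -> List[Action]:
    """Suppress actions until the trace seen so far is valid, then release them.

    The released output is always a valid trace, and a run that keeps
    returning to valid prefixes is eventually released in full, unchanged.
    """
    released: List[Action] = []  # what the protected system actually executes
    pending: List[Action] = []   # suppressed actions awaiting a valid prefix
    for action in actions:
        pending.append(action)
        if is_valid(released + pending):
            released.extend(pending)  # prefix is valid again: flush the buffer
            pending.clear()
    return released

def balanced(trace: Sequence[Action]) -> bool:
    """Constructed nonsafety policy: every 'open' is eventually closed.

    An invalid prefix such as ['open'] can still be extended to a valid one,
    so the policy is not a safety property. A 'close' with nothing open is
    treated as unrecoverable.
    """
    depth = 0
    for action in trace:
        if action == "open":
            depth += 1
        elif action == "close":
            depth -= 1
            if depth < 0:
                return False
    return depth == 0

if __name__ == "__main__":
    # Constructed sample trace: the second transaction never closes.
    run = ["open", "write", "close", "open", "write"]
    print(renewal_monitor(balanced, run))
```

The buffer grows for as long as the trace stays invalid, so a practical monitor would also bound it or time out.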