Proceedings of the fourteenth annual ACM symposium on Principles of distributed computing
Dealing with disaster: surviving misbehaved kernel extensions
OSDI '96 Proceedings of the second USENIX symposium on Operating systems design and implementation
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
ACM Transactions on Information and System Security (TISSEC)
Transaction Processing: Concepts and Techniques
Transaction Processing: Concepts and Techniques
Inside Java(TM) 2 Platform Security: Architecture, API Design, and Implementation
Inside Java(TM) 2 Platform Security: Architecture, API Design, and Implementation
Using CQUAL for Static Analysis of Authorization Hook Placement
Proceedings of the 11th USENIX Security Symposium
Linux Security Modules: General Security Support for the Linux Kernel
Proceedings of the 11th USENIX Security Symposium
Software transactional memory for dynamic-sized data structures
Proceedings of the twenty-second annual symposium on Principles of distributed computing
When Virtual Is Better Than Real
HOTOS '01 Proceedings of the Eighth Workshop on Hot Topics in Operating Systems
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Language support for lightweight transactions
OOPSLA '03 Proceedings of the 18th annual ACM SIGPLAN conference on Object-oriented programing, systems, languages, and applications
Consistency analysis of authorization hook placement in the Linux security modules framework
ACM Transactions on Information and System Security (TISSEC)
Transactional Memory Coherence and Consistency
Proceedings of the 31st annual international symposium on Computer architecture
From Stack Inspection to Access Control: A Security Analysis for Libraries
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Automatic Detection and Masking of Nonatomic Exception Handling
IEEE Transactions on Software Engineering
ReVirt: enabling intrusion analysis through virtual-machine logging and replay
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Composable memory transactions
Proceedings of the tenth ACM SIGPLAN symposium on Principles and practice of parallel programming
Retrofitting Legacy Code for Authorization Policy Enforcement
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Compiler and runtime support for efficient software transactional memory
Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
Managing Policy Updates in Security-Typed Languages
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
A flexible framework for implementing software transactional memory
Proceedings of the 21st annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications
Proceedings of the 12th international conference on Architectural support for programming languages and operating systems
Supporting nested transactional memory in logTM
Proceedings of the 12th international conference on Architectural support for programming languages and operating systems
Architectural Support for Software Transactional Memory
Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
Transactional Memory (Synthesis Lectures on Computer Architecture)
Transactional Memory (Synthesis Lectures on Computer Architecture)
Mining Security-Sensitive Operations in Legacy Code Using Concept Analysis
ICSE '07 Proceedings of the 29th international conference on Software Engineering
An effective hybrid transactional memory system with strong isolation guarantees
Proceedings of the 34th annual international symposium on Computer architecture
Enforcing isolation and ordering in STM
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Microreboot — A technique for cheap recovery
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
TxLinux: using and managing hardware transactional memory in an operating system
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Semantics of transactional memory and automatic mutual exclusion
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Exceptional situations and program reliability
ACM Transactions on Programming Languages and Systems (TOPLAS)
Parallelizing security checks on commodity hardware
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
From STEM to SEAD: speculative execution for automated defense
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
Tightlip: keeping applications from spilling the beans
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Laminar: practical fine-grained decentralized information flow control
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
An implementation and semantics for transactional memory introspection in Haskell
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
The case for JavaScript transactions: position paper
PLAS '10 Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
Anomaly discovery and resolution in web access control policies
Proceedings of the 16th ACM symposium on Access control models and technologies
Fine-grained fault tolerance using device checkpoints
Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
Flexible access control for javascript
Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications
Hi-index | 0.00 |
Correct enforcement of authorization policies is a difficult task, especially for multi-threaded software. Even in carefully-reviewed code, unauthorized access may be possible in subtle corner cases. We introduce Transactional Memory Introspection (TMI), a novel reference monitor architecture that builds on Software Transactional Memory--a new, attractive alternative for writing correct, multi-threaded software. TMI facilitates correct security enforcement by simplifying how the reference monitor integrates with software functionality. TMI can ensure complete mediation of security-relevant operations, eliminate race conditions related to security checks, and simplify handling of authorization failures. We present the design and implementation of a TMI-based reference monitor and experiment with its use in enforcing authorization policies on four significant servers. Our experiments confirm the benefits of the TMI architecture and show that it imposes an acceptable runtime overhead.