A note on denial-of-service in operating systems
IEEE Transactions on Software Engineering
Theoretical Computer Science
A Polynomial time Algorithm for the Local Testability Problem of Deterministic Finite Automata
IEEE Transactions on Computers
Computing the Order of a Locally Testable Automaton
SIAM Journal on Computing
Local languages and the Berry-Sethi algorithm
Theoretical Computer Science
History-based access control for mobile code
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
Families of locally testable languages
Theoretical Computer Science
ACM Transactions on Information and System Security (TISSEC)
Stack inspection: theory and variants
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
An Algorithm to Verify Local Threshold Testability of Deterministic Finite Automata
WIA '99 Revised Papers from the 4th International Workshop on Automata Implementation
A client-based transaction system to maintain data integrity
SOSP '79 Proceedings of the seventh ACM symposium on Operating systems principles
IRM Enforcement of Java Stack Inspection
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Foundations for the run-time analysis of software systems
Foundations for the run-time analysis of software systems
Composing security policies with polymer
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Computability classes for enforcement mechanisms
ACM Transactions on Programming Languages and Systems (TOPLAS)
Proving the Correctness of Multiprocess Programs
IEEE Transactions on Software Engineering
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Efficient IRM enforcement of history-based access control policies
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
You should better enforce than verify
RV'10 Proceedings of the First international conference on Runtime verification
Verifiable control flow policies for java bytecode
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
| Hi-index | 0.00 |
Recently, attention has been given to formally characterize security policies that are enforceable by different kinds of security mechanisms. Since execution monitoring (EM) is a ubiquitous technique for enforcing security policies, this class of enforcement mechanisms has attracted the attention of the majority of authors characterizing security enforcement. A very important research problem is the characterization of security policies that are enforceable by execution monitors constrained by memory limitations. This paper contributes to give more precise answers to this research problem. To represent execution monitors constrained by memory limitations, we introduce a new class of automata that we call Bounded History Automata. Characterizing memory limitations gives rise to a precise taxonomy of security policies enforceable under such constraints. This work is in the same line as the research work advanced by Schneider [31], Ligatti et. al [1, 21] and Fong [12] on security enforcement. Our main contribution consists in (1) instantiating Fong's abstraction idea to deal with memory-limitations, (2) defining Bounded History Automata by applying our abstraction to both security automata and edit automata [1], and (3) Reasoning about the enforcement power of bounded history automata by investigating the enforcement of locally testable properties; a well studied class of languages that are recognizable by investigating "local" information. Our approach gives rise to a realistic evaluation of the enforcement power of execution monitoring. This evaluation is based on bounding the memory size used by the monitor to save execution history, and identifying the security policies enforceable under such constraint.