A Specificational Approach to High Level Program Monitoring and Measuring
IEEE Transactions on Software Engineering - Special issue on software measurement principles, techniques, and environments
ACM Computing Surveys (CSUR) - Special issue: position statements on strategic directions in computing research
Adding type parameterization to the Java language
Proceedings of the 12th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
A lightweight architecture for program execution monitoring
Proceedings of the 1998 ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
History-based access control for mobile code
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Securing Java: getting down to business with mobile code
Securing Java: getting down to business with mobile code
Featherweight Java: a minimal core calculus for Java and GJ
Proceedings of the 14th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
The Definition of Standard ML
Pointcuts and advice in higher-order languages
Proceedings of the 2nd international conference on Aspect-oriented software development
ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
Mechanisms for secure modular programming in Java
Software—Practice & Experience - Special issue: Security software
Monitoring Software Requirements Using Instrumented Code
HICSS '02 Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS'02)-Volume 9 - Volume 9
IRM Enforcement of Java Stack Inspection
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Policy-directed code safety
ICFP '03 Proceedings of the eighth ACM SIGPLAN international conference on Functional programming
The inlined reference monitor approach to security policy enforcement
The inlined reference monitor approach to security policy enforcement
Efficient Decentralized Monitoring of Safety in Distributed Systems
Proceedings of the 26th International Conference on Software Engineering
Efficient monitoring of safety properties
International Journal on Software Tools for Technology Transfer (STTT) - Special section on tools and algorithms for the construction and analysis of systems
Composing security policies with polymer
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Policy enforcement via program monitoring
Policy enforcement via program monitoring
Lessons from the Sony CD DRM episode
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Types and effects for non-interfering program monitors
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
Enforcing non-safety security policies with program monitors
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Proceedings of the 2009 ACM symposium on Applied Computing
A theory of runtime enforcement, with results
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Runtime enforcement monitors: composition, synthesis, and enforcement abilities
Formal Methods in System Design
A location-based policy-specification language for mobile devices
Pervasive and Mobile Computing
Information and Software Technology
Flexible access control for javascript
Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications
| Hi-index | 0.00 |
Program monitors enforce security policies by interposing themselves into the control flow of untrusted software whenever that software attempts to execute security-relevant actions. At the point of interposition, a monitor has authority to permit or deny (perhaps conditionally) the untrusted software's attempted action. Program monitors are common security enforcement mechanisms and integral parts of operating systems, virtual machines, firewalls, network auditors, and antivirus and antispyware tools. Unfortunately, the runtime policies we require program monitors to enforce grow more complex, both as the monitored software is given new capabilities and as policies are refined in response to attacks and user feedback. We propose dealing with policy complexity by organizing policies in such a way as to make them composable, so that complex policies can be specified more simply as compositions of smaller subpolicy modules. We present a fully implemented language and system called Polymer that allows security engineers to specify and enforce composable policies on Java applications. We formalize the central workings of Polymer by defining an unambiguous semantics for our language. Using this formalization, we state and prove an uncircumventability theorem which guarantees that monitors will intercept all security-relevant actions of untrusted software.