An Inlined Reference Monitor (IRM) is an established enforcement mechanism for history-based access control policies. IRM enforcement injects monitoring code into the binary of an untrusted program in order to track its execution history. The injected code denies access when execution deviates from the policy. The viability of IRM enforcement is predicated on the ability of the binary rewriting element to optimize away redundant monitoring code without compromising security. This work proposes a novel optimization framework for IRM enforcement. The scheme is based on a constrained representation of history-based access control policies, which, despite its constrained expressiveness, can express such policies as separation of duty, generalized Chinese Wall policies, and hierarchical one-out-of-k authorization. An IRM optimization procedure has been designed to exploit the structure of this policy representation. The optimization scheme is then extended into a distributed optimization protocol, in which an untrusted code producer attempts to help boost the optimization effectiveness of an IRM enforcement mechanism administered by a distrusting code consumer. It is shown that the optimization procedure provably preserves security even in the midst of distributed optimization. A prototype of the optimization procedure has been implemented for Java bytecode, and its effectiveness has been empirically profiled.
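The abstract describes monitoring code that tracks a program's execution history and denies an access that would leave the policy. The following Python example, added here and not taken from the paper or its Java bytecode prototype, shows the shape of such a history-based monitor: each policy keeps a small summary of the history, an event is mediated only if every policy allows it, and the summary advances only on allowed events. The Chinese Wall and separation-of-duty encodings, the event tuples and the traces are constructed for this illustration; the paper's constrained policy representation and its redundancy-elimination procedure are not reproduced.

```python
# Added example, not code from the paper: a history-based access-control
# monitor of the kind an inlined reference monitor injects into a program.
# Events are constructed triples (kind, principal, object).


class Denied(Exception):
    """Raised by the monitor when an event violates some policy."""


class ChineseWall:
    """Generalized Chinese Wall (constructed encoding): once a principal reads
    a dataset in a conflict-of-interest class, it may not read a different
    dataset in that class.  State: (principal, class) -> dataset first chosen."""

    def __init__(self, conflict_class):
        self.conflict_class = conflict_class  # dataset -> conflict class name
        self.chosen = {}

    def allows(self, event):
        kind, principal, obj = event
        if kind != "read" or obj not in self.conflict_class:
            return True  # not a policy-relevant event for this policy
        key = (principal, self.conflict_class[obj])
        return self.chosen.get(key, obj) == obj

    def advance(self, event):
        kind, principal, obj = event
        if kind == "read" and obj in self.conflict_class:
            self.chosen.setdefault((principal, self.conflict_class[obj]), obj)


class SeparationOfDuty:
    """The principal who submitted a transaction may not approve it.
    State: transaction -> submitting principal."""

    def __init__(self):
        self.submitted_by = {}

    def allows(self, event):
        kind, principal, obj = event
        return not (kind == "approve" and self.submitted_by.get(obj) == principal)

    def advance(self, event):
        kind, principal, obj = event
        if kind == "submit":
            self.submitted_by.setdefault(obj, principal)


class Monitor:
    """Conjunction of history-based policies.  An event passes only if every
    policy allows it; history state advances only on events that passed, so a
    denied event never changes what later events are allowed to do."""

    def __init__(self, policies):
        self.policies = policies
        self.checks = 0  # number of mediated events (each is an injected check)

    def mediate(self, event):
        self.checks += 1
        if not all(p.allows(event) for p in self.policies):
            raise Denied(event)
        for p in self.policies:
            p.advance(event)


def run_trace(trace, policies):
    """Replay a trace of security-relevant events through a fresh monitor.
    Returns (number of events allowed before the first denial, denied event or None)."""
    monitor = Monitor(policies)
    allowed = 0
    for event in trace:
        try:
            monitor.mediate(event)
        except Denied as denial:
            return allowed, denial.args[0]
        allowed += 1
    return allowed, None


def bank_policies():
    """Constructed policy set: two banks in one conflict class, one oil company."""
    return [ChineseWall({"bankA": "banks", "bankB": "banks", "oilX": "oil"}),
            SeparationOfDuty()]


# Constructed traces.
TRACE_OK = [("read", "alice", "bankA"), ("read", "alice", "bankA"),
            ("read", "alice", "oilX"), ("submit", "alice", "tx1"),
            ("approve", "bob", "tx1")]
TRACE_WALL = [("read", "alice", "bankA"), ("read", "alice", "bankB")]
TRACE_SOD = [("submit", "alice", "tx1"), ("approve", "alice", "tx1")]

if __name__ == "__main__":
    for name, trace in [("ok", TRACE_OK), ("wall", TRACE_WALL), ("sod", TRACE_SOD)]:
        print(name, run_trace(trace, bank_policies()))
```

In `TRACE_OK` the second read of `bankA` is mediated although the monitor state already guarantees it will pass; checks of that kind, whose outcome is fixed by the tracked history, are what an IRM optimizer aims to leave out of the rewritten binary, and the security requirement is that removing them never changes which traces the monitor denies.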