Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
ACM Transactions on Information and System Security (TISSEC)
ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
Foundations for the run-time analysis of software systems
Foundations for the run-time analysis of software systems
Computability classes for enforcement mechanisms
ACM Transactions on Programming Languages and Systems (TOPLAS)
Proving the Correctness of Multiprocess Programs
IEEE Transactions on Software Engineering
Enforcing non-safety security policies with program monitors
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Formal enforcement of security policies on concurrent systems
Journal of Symbolic Computation
Corrective Enforcement: A New Paradigm of Security Policy Enforcement by Monitors
ACM Transactions on Information and System Security (TISSEC)
Optimized inlining of runtime monitors
NordSec'11 Proceedings of the 16th Nordic conference on Information Security Technology for Applications
FASER Formal and Automatic Security Enforcement by Rewriting by BPA algebra with test
International Journal of Grid and Utility Computing
Hi-index | 0.00 |
Execution monitoring (EM) is a widely adopted class of security mechanisms. EM-enforceable security properties are usually characterized by security automata and their derivatives. However Edit automata (EA) have been recently proposed to specify more powerful EMs. Being able to feign the execution of sensitive program actions, these EMs are supposed to enforce more security properties. However, feigning program actions will usually make the program behaving in discordance with its specification since the effects of feigned actions are not reflected in the program states. In this paper we highlight this problem and show how program rewriting can be a reliable enforcement alternative. The paper contribution is mainly a semantics foundation for program rewriting enforcement of EA-enforceable security properties.