Using Edit Automata for Rewriting-Based Security Enforcement

Authors:
Hakima Ould-Slimane;Mohamed Mejri;Kamel Adi
Affiliations:
Computer Science Department, Laval University, Quebec, Canada;Computer Science Department, Laval University, Quebec, Canada;Computer Science Department, University of Quebec in Outaouais, Canada
Venue:
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Year:
2009

Citing 8
Cited 4

Proof-carrying code

Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
SASI enforcement of security policies: a retrospective

Proceedings of the 1999 workshop on New security paradigms
Enforceable security policies

ACM Transactions on Information and System Security (TISSEC)
An Overview of AspectJ

ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
Foundations for the run-time analysis of software systems

Foundations for the run-time analysis of software systems
Computability classes for enforcement mechanisms

ACM Transactions on Programming Languages and Systems (TOPLAS)
Proving the Correctness of Multiprocess Programs

IEEE Transactions on Software Engineering
Enforcing non-safety security policies with program monitors

ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security

Formal enforcement of security policies on concurrent systems

Journal of Symbolic Computation
Corrective Enforcement: A New Paradigm of Security Policy Enforcement by Monitors

ACM Transactions on Information and System Security (TISSEC)
Optimized inlining of runtime monitors

NordSec'11 Proceedings of the 16th Nordic conference on Information Security Technology for Applications
FASER Formal and Automatic Security Enforcement by Rewriting by BPA algebra with test

International Journal of Grid and Utility Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Execution monitoring (EM) is a widely adopted class of security mechanisms. EM-enforceable security properties are usually characterized by security automata and their derivatives. However Edit automata (EA) have been recently proposed to specify more powerful EMs. Being able to feign the execution of sensitive program actions, these EMs are supposed to enforce more security properties. However, feigning program actions will usually make the program behaving in discordance with its specification since the effects of feigned actions are not reflected in the program states. In this paper we highlight this problem and show how program rewriting can be a reliable enforcement alternative. The paper contribution is mainly a semantics foundation for program rewriting enforcement of EA-enforceable security properties.