Compilers: principles, techniques, and tools
Compilers: principles, techniques, and tools
Enforcing trace properties by program transformation
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
ACM Transactions on Information and System Security (TISSEC)
Steering of Real-Time Systems Based on Monitoring and Checking
WORDS '99 Proceedings of the Fifth International Workshop on Object-Oriented Real-Time Dependable Systems
Information extraction for run-time formal analysis
Information extraction for run-time formal analysis
Java-MaC: A Run-Time Assurance Approach for Java Programs
Formal Methods in System Design
The inlined reference monitor approach to security policy enforcement
The inlined reference monitor approach to security policy enforcement
Computability classes for enforcement mechanisms
ACM Transactions on Programming Languages and Systems (TOPLAS)
The software model checker Blast: Applications to software engineering
International Journal on Software Tools for Technology Transfer (STTT)
Execution monitoring enforcement under memory-limitation constraints
Information and Computation
Monitoring of real-time properties
FSTTCS'06 Proceedings of the 26th international conference on Foundations of Software Technology and Theoretical Computer Science
Enforcing non-safety security policies with program monitors
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Using equivalence relations for corrective enforcement of security policies
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
You should better enforce than verify
RV'10 Proceedings of the First international conference on Runtime verification
Corrective enforcement of security policies
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Corrective Enforcement: A New Paradigm of Security Policy Enforcement by Monitors
ACM Transactions on Information and System Security (TISSEC)
Optimized inlining of runtime monitors
NordSec'11 Proceedings of the 16th Nordic conference on Information Security Technology for Applications
Iterative enforcement by suppression: Towards practical enforcement theories
Journal of Computer Security - ARSPA-WITS'10
| Hi-index | 0.00 |
A promising solution to the problem of securing potentially malicious mobile code lies in the use of program monitors. Such monitors can be in-lined into an untrusted program to produce an instrumented code that provably satisfies the security policy. It is well known that enforcement mechanisms based on Schneider's security automata only enforce safety properties [1]. Yet subsequent studies show that a wider range of properties than those implemented so far could be enforced using monitors. In this paper, we present an approach to produce a model of an instrumented program from a security requirement represented by a Rabin automaton and a model of the program. Based on an a priori knowledge of the program behavior, this approach allows to enforce, in some cases, more than safety properties. We provide a theorem stating that a truncation enforcement mechanism considering only the set of possible executions of a specific program is strictly more powerful than a mechanism considering all the executions over an alphabet of actions.