Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
ACM Transactions on Information and System Security (TISSEC)
Model-Carrying Code (MCC): a new paradigm for mobile-code security
Proceedings of the 2001 workshop on New security paradigms
Composing security policies with polymer
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Abstraction carrying code and resource-awareness
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
Symbian OS Platform Security
Adding trace matching with free variables to AspectJ
OOPSLA '05 Proceedings of the 20th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Mop: an efficient and generic runtime verification framework
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Java-MOP: a monitoring oriented programming environment for java
TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
| Hi-index | 0.00 |
We have developed Modular Policy Language (MPL) for embedding rule-based security monitors into Java programs. Our monitors can capture and save all kind of information related to monitored program execution and then use that information to prevent unwanted, malicious program behaviour. MPL descriptions are translated as AspectJ programs which are woven into bytecode-based Java programs before the execution or when loading bytecode modules into the execution environment. In this paper we describe our experiences of using MPL to describe security monitors. Although MPL is much more flexible and powerful than the basic security mechanism of Java security monitors, we find that MPL still suffers from certain weaknesses. Some of the weaknesses are only related to the present version of MPL whereas some are fundamentally related to program monitoring.