Corrective enforcement of security policies

Authors:
Raphael Khoury;Nadia Tawbi
Affiliations:
Laval University, Department of Computer Science and Software Engineering;Laval University, Department of Computer Science and Software Engineering
Venue:
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Year:
2010

Citing 8
Cited 2

Enforceable security policies

ACM Transactions on Information and System Security (TISSEC)
Computability classes for enforcement mechanisms

ACM Transactions on Programming Languages and Systems (TOPLAS)
Execution monitoring enforcement under memory-limitation constraints

Information and Computation
Security Policies Enforcement Using Finite Edit Automata

Electronic Notes in Theoretical Computer Science (ENTCS)
Towards Practical Enforcement Theories

NordSec '09 Proceedings of the 14th Nordic Conference on Secure IT Systems: Identity and Privacy in the Internet Age
Generating In-Line Monitors for Rabin Automata

NordSec '09 Proceedings of the 14th Nordic Conference on Secure IT Systems: Identity and Privacy in the Internet Age
Using equivalence relations for corrective enforcement of security policies

MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Enforcing non-safety security policies with program monitors

ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security

Corrective Enforcement: A New Paradigm of Security Policy Enforcement by Monitors

ACM Transactions on Information and System Security (TISSEC)
FASER Formal and Automatic Security Enforcement by Rewriting by BPA algebra with test

International Journal of Grid and Utility Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Monitoring is a powerful security policy enforcement paradigm that allows the execution of a potentially malicious software by observing and transforming it, thus ensuring its compliance with a user-defined security policy. Yet some restrictions must be imposed on the monitor's ability to transform sequences for the enforcement to be meaningful. The intuition behind our model is that the monitor should be bounded to output a sequence that both respects the desired security property and preserves key elements of the execution's semantics. An approximation of the sequence is executed rather than an equivalent one. This approximation must preserve the essential behavior of the sequence as intended by the user. In this paper, we propose a framework to express and study such a restriction based on partial orders. We give several examples of real-life security policies and propose monitors capable of enforcing these properties. We then turn to the question of comparing several monitors enforcing the same security property.