POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A type system for expressive security policies
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
ACM Transactions on Information and System Security (TISSEC)
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
The inlined reference monitor approach to security policy enforcement
The inlined reference monitor approach to security policy enforcement
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Computability classes for enforcement mechanisms
ACM Transactions on Programming Languages and Systems (TOPLAS)
Certified In-lined Reference Monitoring on .NET
Proceedings of the 2006 workshop on Programming languages and analysis for security
Policy enforcement via program monitoring
Policy enforcement via program monitoring
AspectML: A polymorphic aspect-oriented functional programming language
ACM Transactions on Programming Languages and Systems (TOPLAS)
Aspect-oriented in-lined reference monitors
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Provably Correct Runtime Monitoring
FM '08 Proceedings of the 15th international symposium on Formal Methods
Run-Time Enforcement of Nonsafety Policies
ACM Transactions on Information and System Security (TISSEC)
ConSpec – A formal language for policy specification
Science of Computer Programming
ActionScript bytecode verification with co-logic programming
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Exploiting an antivirus interface
Computer Standards & Interfaces
Security Monitor Inlining for Multithreaded Java
Genoa Proceedings of the 23rd European Conference on ECOOP 2009 --- Object-Oriented Programming
Enforcing IRM security policies: two case studies
ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
Disambiguating aspect-oriented security policies
Proceedings of the 9th International Conference on Aspect-Oriented Software Development
FIRM: capability-based inline mediation of Flash behaviors
Proceedings of the 26th Annual Computer Security Applications Conference
Flexible in-lined reference monitor certification: challenges and future directions
Proceedings of the 5th ACM workshop on Programming languages meets program verification
ActionScript in-lined reference monitoring in prolog
PADL'10 Proceedings of the 12th international conference on Practical Aspects of Declarative Languages
Model-checking in-lined reference monitors
VMCAI'10 Proceedings of the 11th international conference on Verification, Model Checking, and Abstract Interpretation
Java-MOP: a monitoring oriented programming environment for java
TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Hi-index | 0.00 |
In-lining runtime monitors into untrusted binary programs via aspect-weaving is an increasingly popular technique for efficiently and flexibly securing untrusted mobile code. However, the complexity of the monitor implementation and in-lining process in these frameworks can lead to vulnerabilities and low assurance for code-consumers. This paper presents a machine-verification technique for aspect-oriented in-lined reference monitors based on abstract interpretation and model-checking. Rather than relying upon trusted advice, the system verifies semantic properties expressed in a purely declarative policy specification language. Experiments on a variety of real-world policies and Java applications demonstrate that the approach is practical and effective.