A previous study showed how a monitor can be inlined into a potentially untrusted program, producing an instrumented version of this program which provably respects the desired security policy. That study extended previous approaches to the same problem in that it allowed non-safety properties to be monitored, and did not incur any runtime overhead. However, the algorithm itself runs in time $\mathcal{O}(2^{m\cdot n})$, where $n$ is the size of the original program and $m$ that of the property being monitored, and the resulting instrumented program grows in size on the order of $\mathcal{O}(m\cdot n)$. These algorithmic factors limit the usefulness of the approach in practice. In this paper, we suggest several optimizations which reduce the algorithm's run time and the size of the resulting instrumented code. Using these optimizations, the monitor inlining can run in time $\mathcal{O}(v + e)$, where $v$ and $e$ are respectively the size and number of transitions present in the synchronous product of the original program and the property. Furthermore, we show how the size of the instrumented program can be minimized.