Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A type system for expressive security policies
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
ACM Transactions on Information and System Security (TISSEC)
IRM Enforcement of Java Stack Inspection
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Model-carrying code: a practical approach for safe execution of untrusted applications
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Composing security policies with polymer
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Certified In-lined Reference Monitoring on .NET
Proceedings of the 2006 workshop on Programming languages and analysis for security
Enforcing resource bounds via static verification of dynamic checks
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Session types for object-oriented languages
ECOOP'06 Proceedings of the 20th European conference on Object-Oriented Programming
ICSE COMPANION '07 Companion to the proceedings of the 29th International Conference on Software Engineering
Verifiable control flow policies for java bytecode
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Hi-index | 0.00 |
With the emergence of support for third-party applications on mobile devices such as cell phones and PDA's, support for setting application security policies is also built into these devices. While this can significantly increase security for end-users, it also significantly complicates the task of building useful and reliable applications for these devices. Different devices will set different policies, and violations of the policy will lead to security exceptions or even immediate abortion of the application potentially leaving it in an inconsistent state. This paper addresses this issue in the context of application security policies specified by means of security automata, and enforced by means of run-time monitoring. We propose a language element, the check block, that developers can use to make their applications more security monitor-aware. At run-time, a check block will query the security policy enforced by the monitor to make sure that the body of the block will not lead to policy-violations. At compile time, a static check ensures that the generated runtime check is adequate. We present a formalization of the static and dynamic semantics of the check block, and we outline how it can be implemented on top of C# or Java.