Sciweavers

CCS
2008
ACM

Enforcing authorization policies using transactional memory introspection

14 years 1 months ago
Enforcing authorization policies using transactional memory introspection
Correct enforcement of authorization policies is a difficult task, especially for multi-threaded software. Even in carefully-reviewed code, unauthorized access may be possible in subtle corner cases. We introduce Transactional Memory Introspection (TMI), a novel reference monitor architecture that builds on Software Transactional Memory--a new, attractive alternative for writing correct, multi-threaded software. TMI facilitates correct security enforcement by simplifying how the reference monitor integrates with software functionality. TMI can ensure complete mediation of security-relevant operations, eliminate race conditions related to security checks, and simplify handling of authorization failures. We present the design and implementation of a TMI-based reference monitor and experiment with its use in enforcing authorization policies on four significant servers. Our experiments confirm the benefits of the TMI architecture and show that it imposes an acceptable runtime overhead. Ca...
Arnar Birgisson, Mohan Dhawan, Úlfar Erling
Added 12 Oct 2010
Updated 12 Oct 2010
Type Conference
Year 2008
Where CCS
Authors Arnar Birgisson, Mohan Dhawan, Úlfar Erlingsson, Vinod Ganapathy, Liviu Iftode
Comments (0)