Sciweavers

ECOOP
2009
Springer

Security Monitor Inlining for Multithreaded Java

15 years 1 months ago
Security Monitor Inlining for Multithreaded Java
Abstract. Program monitoring is a well-established and efficient approach to security policy enforcement. An implementation of program monitoring that is particularly appealing for application-level policy enforcement is monitor inlining: the application is rewritten to push monitoring and policy enforcement code into the application itself. The intention is that the inserted code enforces compliance with the policy (security), and otherwise interferes with the application as little as possible (conservativity and transparency). For sequential Java-like languages, provably correct inlining algorithms have been proposed, but for the multithreaded setting, this is still an open problem. We show that no inliner for multithreaded Java can be both secure and transparent. It is however possible to identify a broad class of policies for which all three correctness criteria can be obtained. We propose an inliner that is correct for such policies, implement it for Java, and show that it is prac...
Mads Dam, Bart Jacobs 0002, Andreas Lundblad, Fran
Added 22 Nov 2009
Updated 22 Nov 2009
Type Conference
Year 2009
Where ECOOP
Authors Mads Dam, Bart Jacobs 0002, Andreas Lundblad, Frank Piessens
Comments (0)