Model-Checking In-Lined Reference Monitors

14 years 8 months ago

Download www.utdallas.edu

Abstract. A technique for elegantly expressing In-lined Reference Monitor (IRM) certification as model-checking is presented and implemented. In-lined Reference Monitors (IRM's) enforce software security policies by in-lining dynamic security guards into untrusted binary code. Certifying IRM systems provide strong formal guarantees for such systems by verifying that the instrumented code produced by the IRM system satisfies the original policy. Expressing this certification step as model-checking allows well-established model-checking technologies to be applied to this often difficult certification task. The technique is demonstrated through the enforcement and certification of a URL anti-redirection policy for ActionScript web applets.

Meera Sridhar, Kevin W. Hamlen

Real-time Traffic

Certification Step | Difficult Certification Task | IRM Systems | Software Engineering | VMCAI 2010 |

claim paper

Post Info
More Details (n/a)

Added	05 Mar 2010
Updated	08 Mar 2010
Type	Conference
Year	2010
Where	VMCAI
Authors	Meera Sridhar, Kevin W. Hamlen

Comments (0)

Sciweavers

Model-Checking In-Lined Reference Monitors

Certification Step | Difficult Certification Task | IRM Systems | Software Engineering | VMCAI 2010 |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers