Sciweavers

POPL
2015
ACM

Runtime Enforcement of Security Policies on Black Box Reactive Programs

8 years 7 months ago
Runtime Enforcement of Security Policies on Black Box Reactive Programs
Security enforcement mechanisms like execution monitors are used to make sure that some untrusted program complies with a policy. Different enforcement mechanisms have different strengths and weaknesses and hence it is important to understand the qualities of various enforcement mechanisms. This paper studies runtime enforcement mechanisms for reactive programs. We study the impact of two important constraints that many practical enforcement mechanisms satisfy: (1) the enforcement mechanism must handle each input/output event in finite time and on occurrence of the event (as opposed to for instance Ligatti’s edit automata that have the power to buffer events for an arbitrary amount of time), and (2) the enforcement mechanism treats the untrusted program as a black box: it can monitor and/or edit the input/output events that the program exhibits on execution and it can explore alternative executions of the program by running additional copies of the program and providing these diffe...
Minh Ngo, Fabio Massacci, Dimiter Milushev, Frank
Added 16 Apr 2016
Updated 16 Apr 2016
Type Journal
Year 2015
Where POPL
Authors Minh Ngo, Fabio Massacci, Dimiter Milushev, Frank Piessens
Comments (0)