Towards Practical Enforcement Theories

14 years 6 months ago

Download disi.unitn.it

Runtime enforcement is a common mechanism for ensuring that program executions adhere to constraints speciﬁed by a security policy. It is based on two simple ideas: the enforcement mechanism should leave good executions without changes and make sure that the bad ones got amended. From the theory side, a number of papers [6, 10, 12] provide the precise characterization of good executions that can be captured by a security policy and thus enforced by a speciﬁc mechanism. Unfortunately, those theories do not distinguish what happens when an execution is actually bad (the practical case). The theory only says that the outcome of enforcement mechanism should be “good” but not how far should the bad execution be changed. If we consider a real-life example of a drug dispensation process in a hospital the notion of security automata or even edit automata would stop all requests by all doctors on all drugs and all dispensation protocols, as soon as a doctor forgot to insert the research...

Nataliia Bielova, Fabio Massacci, Andrea Michelett

Real-time Traffic

Enforcement Mechanism | NORDSEC 2009 | Program Executions | Security Policy | Security Privacy |

claim paper

Post Info
More Details (n/a)

Added	27 May 2010
Updated	27 May 2010
Type	Conference
Year	2009
Where	NORDSEC
Authors	Nataliia Bielova, Fabio Massacci, Andrea Micheletti

Comments (0)

Sciweavers

Towards Practical Enforcement Theories

Enforcement Mechanism | NORDSEC 2009 | Program Executions | Security Policy | Security Privacy |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers