منابع مشابه
Automata : Enforcement Mechanisms for Run - time Security Policies ?
We analyze the space of security policies that can be enforced by monitoring and modifying programs at run time. Our program monitors, called edit automata, are abstract machines that examine the sequence of application program actions and transform the sequence when it deviates from a specified policy. Edit automata have a rich set of transformational powers: They may terminate the application...
متن کاملRun-Time Enforcement of Secure JavaScript Subsets
Web sites that incorporate untrusted content may usebrowseror language-based methods to keep such contentfrom maliciously altering pages, stealing sensitive infor-mation, or causing other harm. We use accepted meth-ods from the study of programming languages to inves-tigate language-based methods for filtering and rewritingJavaScript code, using Facebook FBJS as a motiva...
متن کاملGate automata-driven run-time enforcement
Security and trust represent two different perspectives on the problem of guaranteeing the correct interaction among software components. Gate automata have been proposed as a formalism for the specification of both security and trust policies in the scope of the Security-by-Contract-withTrust (S×C×T) framework. Indeed, they watch the execution of a target program, possibly modifying its behavi...
متن کاملRun-time monitoring and enforcement of electronic contracts
Converting a conventional contract into an electronic equivalent that can be executed and enforced by computers is a challenging task. The difficulties are caused by the ambiguities that the original human-oriented text is likely to contain. The conversion process involves the conversion of the original text into mathematical notation. This paper discusses how standard conventional contracts ca...
متن کاملRun-Time Enforcement of Information- Flow Properties on Android
Recent years have seen a dramatic increase in the number and im-portance in daily life of mobile devices. The security properties thatthese devices provide to their applications, however, are inadequateto protect against many undesired behaviors. A broad class of suchbehaviors is violations of simple information-flow properties.This paper proposes an enforcement system that ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: ACM Transactions on Information and System Security
سال: 2009
ISSN: 1094-9224,1557-7406
DOI: 10.1145/1455526.1455532