Program Transformations under Dynamic Security Policies

نویسندگان

Massimo Bartoletti

Pierpaolo Degano

Gian Luigi Ferrari

چکیده

A new static analysis is proposed for programming languages with access control based on stack inspection. This analysis allows for various security-aware program optimizations. A novel feature of our static analysis is that it is parametric with respect to the security policy in force, so it needs not to be recomputed when the access rights are dynamically updated.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Language-based Security: Access Control and Static Analysis

We study security of mobile code at a linguistic level. In particular, we tackle the problem of designing expressive and efficient models for access control, as well as improving the performance of existing mechanisms. Static analysis is the main technical tool we use in order to enforce and optimise the security of programs. We begin our study with stack inspection, the access control model ad...

متن کامل

Very Static Enforcement of Dynamic Policies

Security policies are naturally dynamic. Reflecting this, there has been a growing interest in studying information-flow properties which change during program execution, including concepts such as declassification, revocation, and role-change. A static verification of a dynamic information flow policy, from a semantic perspective, should only need to concern itself with two things: 1) the depe...

متن کامل

Dynamic Security Labels and Noninterference

This paper explores information flow control in systems in which the security classes of data can vary dynamically. Information flow policies provide the means to express strong security requirements for data confidentiality and integrity. Recent work on security-typed programming languages has shown that information flow can be analyzed statically, ensuring that programs will respect the restr...

متن کامل

Software Security using Software Dynamic Translation

Software dynamic translation (SDT) is a technology that allows programs to be modified as they are running. Researchers have used SDT with good success to build a variety of useful software tools (e.g., binary translators, operating system simulators, low-overhead profilers, and dynamic optimizers). In this paper, we describe how SDT can be used to address the critical problem of providing soft...

متن کامل

Dynamic Deployment and Monitoring of Security Policies

INTER-TRUST is a framework for the specification, negotiation, deployment and dynamic adaptation of interoperable security policies, in the context of pervasive systems where devices are constantly exchanging critical information through the network. The dynamic adaptation of the security policies at runtime is addressed using AspectOriented Programming (AOP) that allows enforcing security requ...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

Electr. Notes Theor. Comput. Sci.

دوره 99 شماره

صفحات -

تاریخ انتشار 2004

Program Transformations under Dynamic Security Policies

نویسندگان

چکیده

منابع مشابه

Language-based Security: Access Control and Static Analysis

Very Static Enforcement of Dynamic Policies

Dynamic Security Labels and Noninterference

Software Security using Software Dynamic Translation

Dynamic Deployment and Monitoring of Security Policies

عنوان ژورنال:

اشتراک گذاری