The Inlined Reference Monitor Approach to Security Policy Enforcement
نویسنده
چکیده
منابع مشابه
Secure Optimization of Inlined Reference Monitors
Inlined Reference Monitor (IRM) is the preferred enforcement mechanism for historybased access control policies. IRM enforcement injects monitoring code into the binary of an untrusted program in order to track its execution history. The injected code denies access when execution deviates from the policy. The viability of IRM enforcement is predicated on the ability of the binary rewriting elem...
متن کاملA Caller-Side Inline Reference Monitor for an Object-Oriented Intermediate Language: Extended version
Runtime security policy enforcement systems are crucial to limit the risks associated with running untrustworthy (malicious or buggy) code. The inlined reference monitor approach to policy enforcement, pioneered by Erlingsson and Schneider, implements runtime enforcement through program rewriting: security checks are inserted inside untrusted programs. Ensuring complete mediation – the guarante...
متن کاملA Caller-Side Inline Reference Monitor for an Object-Oriented Intermediate Language
Runtime security policy enforcement systems are crucial to limit the risks associated with running untrustworthy (malicious or buggy) code. The inlined reference monitor approach to policy enforcement, pioneered by Erlingsson and Schneider, implements runtime enforcement through program rewriting: security checks are inserted inside untrusted programs. Ensuring complete mediation – the guarante...
متن کاملSecurity monitor inlining and certification for multithreaded Java
Security monitor inlining is a technique for security policy enforcement whereby monitor functionality is injected into application code in the style of aspect-oriented programming. The intention is that the injected code enforces compliance with the policy (security), and otherwise interferes with the application as little as possible (conservativity and transparency). Such inliners are said t...
متن کاملTowards Automated Authorization Policy Enforcement
In systems with shared resources, authorization policy enforcement ensures that these resources are accessible only to users who are allowed to do so. Recently, there is growing interest to (i) extend authorization policy enforcement mechanisms provided by the operating system, and (ii) enable user-space servers to enforce authorization policies on their clients. A popular mechanism for authori...
متن کامل