Equivalence-preserving corrective enforcement of security properties
نویسندگان
چکیده
Runtime monitoring is a widely used approach for the enforcement of security policies. It allows the safe execution of untrusted code by observing the execution and reacting if needed to prevent a violation of a user-defined security policy. Previous studies have determined that the set of security properties enforceable by monitors is greatly extended by giving the monitor some licence to transform its target execution. In this study, we present a new framework to model and study the behaviour of such monitors. In order to assure that the enforcement is meaningful, we bound the monitor’s ability to transform the target execution by a restriction stating that any transformation must preserve equivalence between the monitor’s input and output. We proceed by giving examples of meaningful equivalence relations and identify the security policies that are enforceable with their use. We also relate our work to previous work in this field. Finally, we investigate how an a priori knowledge of the target program’s behaviour would increase the monitor’s enforcement power.
منابع مشابه
Using Equivalence Relations for Corrective Enforcement of Security Policies
In this study, we present a new framework of runtime enforcement of security policies. Building on previous studies, we examine the enforcement power of monitors capable of transforming their target’s execution. We bound this ability by a restriction stating that any transformation must preserve equivalence between the monitor’s input and output. We proceed by giving examples of meaningful equi...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملA Corrective Enforcement: A new Paradigm of Security Policy Enforcement by Monitors
Runtime monitoring is an increasingly popular method to ensure the safe execution of untrusted codes. Monitors observe and transform the execution of these codes, responding when needed to correct or prevent a violation of a user-defined security policy. Prior research has shown that the set of properties monitors can enforce correlates with the latitude they are given to transform and alter th...
متن کاملCorrective Enforcement of Security Policies
Monitoring is a powerful security policy enforcement paradigm that allows the execution of a potentially malicious software by observing and transforming it, thus ensuring its compliance with a user-defined security policy. Yet some restrictions must be imposed on the monitor’s ability to transform sequences, so that key elements of the execution’s semantics are preserved. An approximation of t...
متن کاملMonitoring of Security Properties Using BeepBeep
Runtime enforcement is an effective method to ensure the compliance of program with user-defined security policies. In this paper we show how the stream event processor tool BeepBeep can be used to monitor the security properties of Java programs. The proposed approach relies on AspectJ to generate a trace capturing the program’s runtime behavior. This trace is then processed by BeepBeep, a com...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IJICS
دوره 7 شماره
صفحات -
تاریخ انتشار 2015