Skip to main content
SpringerLink
Log in

Runtime Enforcement with Partial Control

  • Conference paper
  • First Online:
Foundations and Practice of Security (FPS 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9482))

Included in the following conference series:

Abstract

This study carries forward the line of enquiry that seeks to characterize precisely which security policies are enforceable by runtime monitors. In this regard, Basin et al. recently refined the structure that helps distinguish between those actions that the monitor can potentially suppress or insert in the execution, from those that the monitor can only observe. In this paper, we generalize this model by organizing the universe of possible actions in a lattice that naturally corresponds to the levels of monitor control. We then delineate the set of properties that are enforceable under this paradigm and relate our results to previous work in the field. Finally, we explore the set of security policies that are enforceable if the monitor is given greater latitude to alter the execution of its target, which allows us to reflect on the capabilities of different types of monitors.

S. Hallé—The authors gratefully acknowledge the financial support of the Natural Sciences and Engineering Research Council of Canada (NSERC).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Security policies whose enforcement necessitates the examination of multiples execution sequences, such as noninterference policies, are not generally enforceable by monitors.

References

  1. Alpern, B., Schneider, F.: Defining liveness. Inf. Process. Lett. 21(4), 181–185 (1985)

    Article  MathSciNet  MATH  Google Scholar 

  2. Basin, D., Jugé, V., Klaedtke, F., Zalinescu, E.: Enforceable security policies revisited. ACM Trans. Inf. Syst. Secur. 16(1), 3 (2013)

    Article  Google Scholar 

  3. Bauer, L., Ligatti, J., Walker, D.: More enforceable security policies. In: Foundations of Computer Security, Copenhagen, Denmark (2002)

    Google Scholar 

  4. Beauquier, D., Pin, J.-E.: Languages and scanners. Theoret. Comput. Sci. 84(1), 3–21 (1991)

    Article  MATH  Google Scholar 

  5. Bielova, N., Massacci, F.: Do you really mean what you actually enforced? - edit automata revisited. Int. J. Inf. Secur. 10(4), 239–254 (2011)

    Article  Google Scholar 

  6. Bielova, N., Massacci, F.: Predictability of enforcement. In: Erlingsson, U., Wieringa, R., Zannone, N. (eds.) ESSoS 2011. LNCS, vol. 6542, pp. 73–86. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  7. Bielova, N., Massacci, F., Micheletti, A.: Towards practical enforcement theories. In: Jøsang, A., Maseng, T., Knapskog, S.J. (eds.) NordSec 2009. LNCS, vol. 5838, pp. 239–254. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  8. Bodden, E., Lam, P., Hendren, L.J.: Partially evaluating finite-state runtime monitors ahead of time. ACM Trans. Program. Lang. Syst. 34(2), 7 (2012)

    Google Scholar 

  9. Chabot, H., Khoury, R., Tawbi, N.: Extending the enforcement power of truncation monitors using static analysis. Comput. & Secur. 30(4), 194–207 (2011)

    Article  Google Scholar 

  10. Chang, E., Manna, Z., Pnueli, A.: The safety-progress classification. In: Bauer, F., Brauer, W., Schwichtenberg, H. (eds.) Logic and Algebra of Specifications. NATO ASI Series, vol. 94, pp. 143–202. Springer, Heidelberg (1991)

    Google Scholar 

  11. Falcone, Y., Fernandez, J.-C., Mounier, L.: Synthesizing enforcement monitors wrt. the safety-progress classification of properties. In: Sekar, R., Pujari, A.K. (eds.) ICISS 2008. LNCS, vol. 5352, pp. 41–55. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  12. Falcone, Y., Fernandez, J.-C., Mounier, L.: Runtime verification of safety-progress properties. In: Bensalem, S., Peled, D.A. (eds.) RV 2009. LNCS, vol. 5779, pp. 40–59. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  13. Fong, P.: Access control by tracking shallow execution history. In: Proceedings of the 2004 IEEE Symposium on Security and Privacy, California, USA, May, Oakland (2004)

    Google Scholar 

  14. Hamlen, K.W., Morrisett, G., Schneider, F.B.: Computability classes for enforcement mechanisms. ACM Trans. Program. Lang. Syst. 28, 175–205 (2006)

    Article  Google Scholar 

  15. Khoury, R., Hallé, S.: Runtime enforcement with partial control. Technical report, Université du Québec à Chicoutimi (2015)

    Google Scholar 

  16. Khoury, R., Tawbi, N.: Using equivalence relations for corrective enforcement of security policies. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2010. LNCS, vol. 6258, pp. 139–154. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  17. Khoury, R., Tawbi, N.: Corrective enforcement: A new paradigm of security policy enforcement by monitors. ACM Trans. Inf. Syst. Secur. 15(2), 10:1–10:27 (2012)

    Article  Google Scholar 

  18. Khoury, R., Tawbi, N.: Which security policies are enforceable by runtime monitors? a survey. Comput. Sci. Rev. 6(1), 27–45 (2012)

    Article  MATH  Google Scholar 

  19. Kiczales, G., Hilsdale, E.: Aspect-oriented programming. SIGSOFT Softw. Eng. Notes 26(5), 313 (2001)

    Article  Google Scholar 

  20. Kim, M., Kannan, S., Lee, I., Sokolsky, O., Viswanathan, M.: Computational analysis of run-time monitoring - fundamentals of java-mac. Electr. Notes Theor. Comput. Sci. 70(4), 80–94 (2002)

    Article  Google Scholar 

  21. Lamport, L.: Proving the correctness of multiprocess programs. IEEE Trans. Softw. Eng. 3(2), 125–143 (1977)

    Article  MathSciNet  MATH  Google Scholar 

  22. Ligatti, J., Bauer, L., Walker, D.: Edit automata: Enforcement mechanisms for run-time security policies. Int. J. Inf. Secur. 4(1–2), 2–16 (2004)

    Google Scholar 

  23. Ligatti, J., Bauer, L., Walker, D.: Run-time enforcement of nonsafety policies. ACM Trans. Inf. Syst. Secur. 12(3), 1–41 (2009)

    Article  Google Scholar 

  24. Ligatti, J., Reddy, S.: A theory of runtime enforcement, with results. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 87–100. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  25. Meredith, P., Roşu, G.: Runtime verification with the RV system. In: Barringer, H., et al. (eds.) RV 2010. LNCS, vol. 6418, pp. 136–152. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  26. Schneider, F.: Enforceable security policies. Inf. Syst. Secur. 3(1), 30–50 (2000)

    Article  Google Scholar 

  27. Talhi, C., Tawbi, N., Debbabi, M.: Execution monitoring enforcement for limited-memory systems. In: Proceedings of the PST 2006 Conference (Privacy, Security, Trust), October 2006

    Google Scholar 

  28. Talhi, C., Tawbi, N., Debbabi, M.: Execution monitoring enforcement under memory-limitation constraints. In: Proceedings of FCS-ARSPA 2006 (Joint Workshop on Foundations of Computer Security and Automated Reasoning for Security Protocol Analysis) associated with FLOC 2006 (Federated Logic Conference), August 2006

    Google Scholar 

  29. Talhi, C., Tawbi, N., Debbabi, M.: Execution monitoring enforcement under memory-limitations constraints. Inf. Comput. 206(1), 158–184 (2008)

    Article  MathSciNet  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Laboratoire d’informatique formelle, Département d’informatique et de mathématique, Université du Québec à Chicoutimi, Chicoutimi, Canada

    Raphaël Khoury & Sylvain Hallé

Authors
  1. Raphaël Khoury
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sylvain Hallé
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Raphaël Khoury .

Editor information

Editors and Affiliations

  1. Télécom SudParis, Evry, France

    Joaquin Garcia-Alfaro

  2. School of Computer Science, Carleton University, Ottawa, Ontario, Canada

    Evangelos Kranakis

  3. École des Mines de Nancy, Université de Lorraine, Nancy Cedex, France

    Guillaume Bonfante

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Khoury, R., Hallé, S. (2016). Runtime Enforcement with Partial Control. In: Garcia-Alfaro, J., Kranakis, E., Bonfante, G. (eds) Foundations and Practice of Security. FPS 2015. Lecture Notes in Computer Science(), vol 9482. Springer, Cham. https://doi.org/10.1007/978-3-319-30303-1_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-30303-1_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-30302-4

  • Online ISBN: 978-3-319-30303-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation