Abstract
This paper presents a theory of runtime enforcement based on mechanism models called MRAs (Mandatory Results Automata). MRAs can monitor and transform security-relevant actions and their results. Because previous work could not model monitors transforming results, MRAs capture realistic behaviors outside the scope of previous models. MRAs also have a simple but realistic operational semantics that makes it straightforward to define concrete MRAs. Moreover, the definitions of policies and enforcement with MRAs are significantly simpler and more expressive than those of previous models. Putting all these features together, we argue that MRAs make good general models of runtime mechanisms, upon which a theory of runtime enforcement can be based. We develop some enforceability theory by characterizing the policies MRAs can and cannot enforce.
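The mediation the abstract describes, as an added illustration that is not the paper's code or its formal MRA definition: a monitor whose transition function sees both the application's actions and the system's results, and can suppress an action by synthesizing a result or rewrite a result before it reaches the application. The `Action`/`Result` encoding, the redaction policy and the in-memory stand-in for the system are constructed for this example.

```python
from dataclasses import dataclass
from typing import Callable, Dict, Tuple, Union
# Constructed illustration of an MRA-style monitor; not the paper's formal definition.
@dataclass(frozen=True)
class Action:          # a security-relevant action the application attempts
    name: str
    arg: str
@dataclass(frozen=True)
class Result:          # a result handed back to the application
    value: object

Event = Union[Action, Result]

class MRA:
    """step(state, event) -> (state, event) sees every action and every result.
    An input action may leave as an action (executed on the system) or as a
    result (action suppressed, result synthesized); an input result may leave
    as a (possibly transformed) result or as a further action to run first."""
    def __init__(self, step, state):
        self.step, self.state = step, state
    def mediate(self, action: Action, system: Callable[[Action], object]) -> object:
        ev: Event = action
        while True:
            self.state, ev = self.step(self.state, ev)
            if isinstance(ev, Result):
                return ev.value          # flows back to the application
            ev = Result(system(ev))      # executed; the system's result re-enters the MRA

def redaction_step(state: Dict[str, bool], ev: Event) -> Tuple[Dict[str, bool], Event]:
    if isinstance(ev, Action):
        if ev.name == "read" and not ev.arg.startswith("/app/"):
            return state, Result("denied")   # suppressed: never reaches the system
        if ev.name == "send" and state.get("saw_secret"):
            return state, Result("denied")   # history-based: no send after a secret was read
        return state, ev                     # executed unchanged
    if isinstance(ev.value, str) and "api_key=" in ev.value:   # transform the result
        head = ev.value.split("api_key=")[0]
        return {**state, "saw_secret": True}, Result(head + "api_key=<redacted>")
    return state, ev

# Constructed stand-in for the executing system: an in-memory file system and network.
FAKE_FS = {"/app/config": "host=db\napi_key=ABC123", "/app/motd": "hello"}
def fake_system(a: Action) -> object:
    return FAKE_FS.get(a.arg, "") if a.name == "read" else "sent"

def demo() -> list:
    m = MRA(redaction_step, {})
    return [m.mediate(Action(n, a), fake_system) for n, a in
            [("read", "/etc/shadow"), ("read", "/app/motd"), ("send", "evil.example"),
             ("read", "/app/config"), ("send", "evil.example")]]
```

Running `demo()` shows all three behaviours in order: a suppressed action, an executed action whose result passes through unchanged, a rewritten result, and a later action denied because of the monitor's state.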
© 2010 Springer-Verlag Berlin Heidelberg
Ligatti, J., Reddy, S. (2010). A Theory of Runtime Enforcement, with Results. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds) Computer Security – ESORICS 2010. ESORICS 2010. Lecture Notes in Computer Science, vol 6345. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15497-3_6
DOI: https://doi.org/10.1007/978-3-642-15497-3_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-15496-6
Online ISBN: 978-3-642-15497-3
eBook Packages: Computer Science (R0)