Advertisement

ActionScript In-Lined Reference Monitoring in Prolog

  • Meera Sridhar
  • Kevin W. Hamlen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5937)

Abstract

A Prolog implementation of an In-lined Reference Monitoring system prototype for Adobe ActionScript Bytecode programs is presented. Prolog provides an elegant framework for implementing IRM’s. Its declarative and reversible nature facilitate the dual tasks of binary parsing and code generation, greatly simplifying many otherwise difficult IRM implementation challenges. The approach is demonstrated via the enforcement of several security policies on real-world Adobe Flash applets and AIR applications.

Keywords

Security Policy Dual Task Abstract Syntax Tree Trust Computing Base Prolog Implementation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    DeVries, B.W., Gupta, G., Hamlen, K.W., Moore, S., Sridhar, M.: ActionScript bytecode verification with co-logic programming. In: Proc. of the ACM SIGPLAN Workshop on Prog. Languages and Analysis for Security, PLAS (2009)Google Scholar
  2. 2.
    Hamlen, K.W., Morrisett, G., Schneider, F.B.: Certified in-lined reference monitoring on .NET. In: Proc. of the ACM SIGPLAN Workshop on Prog. Languages and Analysis for Security, PLAS (2006)Google Scholar
  3. 3.
    Hamlen, K.W., Morrisett, G., Schneider, F.B.: Computability classes for enforcement mechanisms. ACM Trans. Prog. Languages and Sys. 28(1), 175–205 (2006)CrossRefGoogle Scholar
  4. 4.
    Schneider, F.B.: Enforceable security policies. ACM Trans. on Information and System Security 3, 30–50 (2000)CrossRefGoogle Scholar
  5. 5.
    Shapiro, L., Sterling, E.Y.: The Art of PROLOG: Advanced Programming Techniques. The MIT Press, Cambridge (1994)zbMATHGoogle Scholar
  6. 6.
    Sridhar, M., Hamlen, K.W.: Model-checking in-lined reference monitors. In: Proc. Verification, Model-Checking and Abstract Interpretation (to appear, 2010)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Meera Sridhar
    • 1
  • Kevin W. Hamlen
    • 1
  1. 1.The University of Texas at DallasRichardsonU.S.A.

Personalised recommendations