
Modeling runtime enforcement with mandatory results automata

  • Regular Contribution
  • International Journal of Information Security

Abstract

This paper presents a theory of runtime enforcement based on mechanism models called mandatory results automata (MRAs). MRAs can monitor and transform security-relevant actions and their results. The operational semantics of MRAs is simple and enables straightforward definitions of concrete MRAs. Moreover, the definitions of policies and enforcement with MRAs are simple and expressive. Putting all of these features together, we argue that MRAs make good general models of runtime mechanisms, upon which a theory of runtime enforcement can be based. We develop some enforceability theory by characterizing the policies deterministic and non-deterministic MRAs can and cannot enforce.
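To make the abstract's framing concrete, here is an added example, written for this page and not taken from the paper: a small executable model of an MRA-style monitor placed between an application and the executing system. The monitor accepts one event at a time (an action from the application, or a result from the system), emits one event in return, and may transform either. The shape of the transition function, the toy policy (redirect writes into a sandbox, hide filesystem error details, refuse `send` after a read of a secret file), the constructed in-memory "executing system" and the path names are all this example's own assumptions, not definitions from the paper. The one structural property it does insist on is the "mandatory result" discipline the paper's name refers to: every action the application issues gets exactly one result back before the monitor accepts the next action, even when the action itself is suppressed.

```python
"""Added example: a minimal MRA-style runtime monitor (not the paper's code).

Modelling assumptions (ours, not the paper's): events are either Actions
issued by the application or Results produced by the executing system;
the transition function delta maps (state, input event) to (new state,
output event); an input Action yields either an Action to execute or a
Result returned immediately (the action is suppressed); an input Result
always yields a Result for the application.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple, Union


@dataclass(frozen=True)
class Action:
    name: str   # e.g. "read", "write", "send"
    arg: str    # path or payload


@dataclass(frozen=True)
class Result:
    value: str


Event = Union[Action, Result]

SANDBOX = "/sandbox/"      # assumed: writes are confined here
SECRET = "/etc/secret"     # assumed: reading this taints the session


@dataclass(frozen=True)
class State:
    read_secret: bool = False          # has the app (tried to) read the secret?
    pending: Optional[Action] = None   # action whose result is still owed


def delta(q: State, e: Event) -> Tuple[State, Event]:
    """One monitor step: (state, input event) -> (next state, output event)."""
    if isinstance(e, Action):
        # Mandatory results: a new action is only accepted once the previous
        # one has been answered, so at most one action is ever outstanding.
        assert q.pending is None, "result owed for a previous action"
        tainted = q.read_secret or (e.name == "read" and e.arg == SECRET)
        if e.name == "send" and tainted:
            # Suppress the action, but still hand the application a result.
            return State(tainted, pending=None), Result("denied")
        if e.name == "write" and not e.arg.startswith(SANDBOX):
            # Transform the action: redirect the write into the sandbox.
            e = Action("write", SANDBOX + e.arg.rsplit("/", 1)[-1])
        return State(tainted, pending=e), e
    # e is the system's result for the outstanding action.
    act = q.pending
    assert act is not None, "unexpected result: no action outstanding"
    value = e.value
    if act.name == "read" and value.startswith("ENOENT"):
        value = "error"  # transform the result: hide path details from the app
    return State(q.read_secret, pending=None), Result(value)


# Constructed stand-in for the executing system: a tiny read-only in-memory FS.
FILES = {SECRET: "s3cr3t", SANDBOX + "notes.txt": "hello"}


def execute(a: Action) -> Result:
    if a.name == "read":
        return Result(FILES.get(a.arg, "ENOENT: " + a.arg))
    if a.name == "write":
        return Result("ok:" + a.arg)
    if a.name == "send":
        return Result("sent")
    return Result("unknown")


def run(actions: List[Action]) -> List[Tuple[Action, Optional[Action], Result]]:
    """Drive the monitor over an application trace.

    Returns one triple per issued action: (action issued by the app,
    action actually executed or None if suppressed, result the app saw).
    """
    q = State()
    trace = []
    for a in actions:
        q, out = delta(q, a)
        if isinstance(out, Result):
            trace.append((a, None, out))
            continue
        q, res = delta(q, execute(out))
        assert isinstance(res, Result)
        trace.append((a, out, res))
    return trace


if __name__ == "__main__":
    app_trace = [Action("write", "/home/u/notes.txt"), Action("read", "/nope"),
                 Action("send", "x"), Action("read", SECRET), Action("send", "y")]
    for issued, executed, result in run(app_trace):
        print(issued, "->", executed, "=>", result)
```

Running the demo trace shows the three kinds of intervention side by side: the write to `/home/u/notes.txt` executes as a write to `/sandbox/notes.txt`, the failed read returns the generic `error` instead of the system's `ENOENT` string, and the `send` after the secret read never reaches the system yet still receives the `denied` result.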


Acknowledgments

We’re grateful to the anonymous reviewers for their many helpful comments. This research was supported by US National Science Foundation Grants CNS-0716343, CNS-0831785, and CNS-0742736.

Corresponding author

Correspondence to Jay Ligatti.

Appendix: Summary of symbols

See Table 1.

Table 1 Symbols and their meaning

Cite this article

Dolzhenko, E., Ligatti, J. & Reddy, S. Modeling runtime enforcement with mandatory results automata. Int. J. Inf. Secur. 14, 47–60 (2015). https://doi.org/10.1007/s10207-014-0239-8
