Checking security policies through an enhanced Control Flow Analysis

被引：4

作者：

Bodei, Chiara ^{[1
]}

Degano, Pierpaolo ^{[1
]}

Priami, Corrado ^{[2
]}

机构：

[1] Univ Pisa, Dipartimento Informat, Via F Buonarroti 2, I-56127 Pisa, Italy

[2] Univ Trento, Dipartimento Informat & Telecomunicaz, I-1438050 Povo, TN, Italy

来源：

JOURNAL OF COMPUTER SECURITY | 2005年 / 13卷 / 01期

关键词：

Control Flow Analysis; security; access control policies; enhanced semantics;

D O I：

10.3233/JCS-2005-13103

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

We introduce a Control Flow Analysis that statically approximates the dynamic behaviour of mobile processes, expressed in (a variant of) the pi-calculus. Our analysis of a system is able to describe the essential behaviour of each sub-system, tracking where and between which sub-processes communications may occur. This means that we can safely approximate the behaviour of a system plugged in a larger and mainly unknown context, without explicitly analysing it. Several possible properties can be investigated using this approximation, among which some related to confidentiality and to access control policies.

引用

页码：49 / 85

页数：37

共 50 条

[21] Analyzing Protocol Security Through Information-Flow Control
Kumar, N. V. Narendra
Shyamasundar, R. K.
DISTRIBUTED COMPUTING AND INTERNET TECHNOLOGY, (ICDCIT 2017), 2017, 10109 : 159 - 171
[22] Checking and Enforcing Security Through Opacity in Healthcare Applications
Zrelli, Rym
Yeddes, Moez
Ben Hadj-Alouane, Nejib
SERVICE-ORIENTED COMPUTING - ICSOC 2017 WORKSHOPS, 2018, 10797 : 161 - 173
[23] Extension Breakdown: Security Analysis of Browsers Extension Resources Control Policies
Sanchez-Rola, Iskander
Santos, Igor
Balzarotti, Davide
PROCEEDINGS OF THE 26TH USENIX SECURITY SYMPOSIUM (USENIX SECURITY '17), 2017, : 679 - 694
[24] Nonlinear Codes for Control Flow Checking
Di Natale, Giorgio
Keren, Osnat
2020 IEEE EUROPEAN TEST SYMPOSIUM (ETS 2020), 2020,
[25] Control flow checking in multitasking systems
Technical Univ of Budapest, Budapest, Hungary
Period Polytech Electr Eng, 1 (27-36):
[26] Control flow error checking with ISIS
Rodríguez, R
Serrano, JJ
EMBEDDED SOFTWARE AND SYSTEMS, PROCEEDINGS, 2005, 3820 : 659 - 670
[27] Control Flow Checking or Not? (for Soft Errors)
Rhisheekesan, Abhishek
Jeyapaul, Reiley
Shrivastava, Aviral
ACM TRANSACTIONS ON EMBEDDED COMPUTING SYSTEMS, 2019, 18 (01)
[28] Control Flow Checking at Virtual Edges
Liu, LiPing
Ci, LinLin
Liu, Wei
Yang, Hui
KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, 2017, 11 (01): : 396 - 413
[29] AN APPROACH TO CONCURRENT CONTROL FLOW CHECKING
YAU, SS
CHEN, FC
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 1980, 6 (02) : 126 - 137
[30] An economic analysis of security policies
Brueck, Tilman
ECONOMIC ANALYSIS OF TERRORISM, 2006, : 262 - 281

← 1 2 3 4 5 →