Principles of Data Flow Integrity: Specification and Enforcement

被引:0
|
作者
Ramezanifarkhani, Toktam [1 ]
Razzazi, Mohammadreza [1 ]
机构
[1] Amirkabir Univ Technol, Dept Comp Engn & IT, Tehran 158754413, Iran
来源
JOURNAL OF INFORMATION SCIENCE AND ENGINEERING | 2015年 / 31卷 / 02期
关键词
data flow analysis; data flow integrity; reference monitor; security policy; dynamic enforcement;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Subverting runtime data flow is common in many current software attacks. Data Flow Integrity (DFI) is a policy whose satisfaction can prevent such attacks. This paper develops a formal foundation on DFI specification, and characteristics of its enforcement techniques with formulations of hypotheses and guarantees. Enforcement techniques are based on static analysis and program monitoring at runtime. This foundation can be used for practical satisfaction of DFI and help establish guarantees in every applied platform.
引用
收藏
页码:529 / 546
页数:18
相关论文
共 50 条
  • [1] Flow policies: Specification and enforcement
    Bertino, E
    Ferrari, E
    Mella, G
    [J]. CONFERENCE PROCEEDINGS OF THE 2004 IEEE INTERNATIONAL PERFORMANCE, COMPUTING, AND COMMUNICATIONS CONFERENCE, 2004, : 681 - 686
  • [2] Adapting integrity enforcement techniques for data reconciliation
    Embury, SM
    Brandt, SM
    Robinson, JS
    Sutherland, I
    Bisby, FA
    Gray, WA
    Jones, AC
    White, RJ
    [J]. INFORMATION SYSTEMS, 2001, 26 (08) : 657 - 689
  • [3] ENFORCEMENT OF INTEGRITY CONSTRAINTS IN A SEMANTIC DATA MODEL
    SUDKAMP, N
    KANDZIA, P
    [J]. LECTURE NOTES IN COMPUTER SCIENCE, 1989, 385 : 313 - 328
  • [4] Control Flow Integrity Enforcement with Dynamic Code Optimization
    Lin, Yan
    Tang, Xiaoxiao
    Gao, Debin
    Fu, Jianming
    [J]. INFORMATION SECURITY, (ISC 2016), 2016, 9866 : 366 - 385
  • [5] Control Flow and Pointer Integrity Enforcement in a Secure Tagged Architecture
    Gollapudi, Ravi Theja
    Yuksek, Gokturk
    Demicco, David
    Cole, Matthew
    Kothari, Gaurav
    Kulkarni, Rohit
    Zhang, Xin
    Ghose, Kanad
    Prakash, Aravind
    Umrigar, Zerksis
    [J]. 2023 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, SP, 2023, : 2974 - 2989
  • [6] GEODAC: A Data Assurance Policy Specification and Enforcement Framework for Outsourced Services
    Li, Jun
    Stephenson, Bryan
    Motahari-Nezhad, Hamid R.
    Singhal, Sharad
    [J]. IEEE TRANSACTIONS ON SERVICES COMPUTING, 2011, 4 (04) : 340 - 354
  • [7] Unified specification of control and data flow
    Grotker, T
    Schoenen, R
    Meyr, H
    [J]. 1997 IEEE INTERNATIONAL CONFERENCE ON ACOUSTICS, SPEECH, AND SIGNAL PROCESSING, VOLS I - V: VOL I: PLENARY, EXPERT SUMMARIES, SPECIAL, AUDIO, UNDERWATER ACOUSTICS, VLSI; VOL II: SPEECH PROCESSING; VOL III: SPEECH PROCESSING, DIGITAL SIGNAL PROCESSING; VOL IV: MULTIDIMENSIONAL SIGNAL PROCESSING, NEURAL NETWORKS - VOL V: STATISTICAL SIGNAL AND ARRAY PROCESSING, APPLICATIONS, 1997, : 271 - 274
  • [8] RvDfi: A RISC-V Architecture With Security Enforcement by High Performance Complete Data-Flow Integrity
    Feng, Lang
    Huang, Jiayi
    Li, Luyi
    Zhang, Haochen
    Wang, Zhongfeng
    [J]. IEEE TRANSACTIONS ON COMPUTERS, 2022, 71 (10) : 2499 - 2512
  • [9] Authorization Constraints Specification and Enforcement
    Zhou, Wei
    Meinel, Christoph
    Xiang, Yidong
    Shao, Yang
    [J]. JOURNAL OF INFORMATION ASSURANCE AND SECURITY, 2008, 3 (01): : 38 - 50
  • [10] Control-Flow Integrity Principles, Implementations, and Applications
    Abadi, Martin
    Budiu, Mihai
    Erlingsson, Ulfar
    Ligatti, Jay
    [J]. ACM TRANSACTIONS ON INFORMATION AND SYSTEM SECURITY, 2009, 13 (01)
12345