Using Edit Automata for Rewriting-Based Security Enforcement

被引：0

作者：

Ould-Slimane, Hakima ^{[1
]}

Mejri, Mohamed ^{[1
]}

Adi, Kamel ^{[2
]}

机构：

[1] Univ Laval, Dept Comp Sci, Quebec City, PQ, Canada

[2] Univ Quebec, Dept Comp Sci, Outaouais, PQ, Canada

来源：

DATA AND APPLICATIONS SECURITY XXIII, PROCEEDINGS | 2009年 / 5645卷

关键词：

Execution monitoring; edit automata; security properties; program rewriting;

D O I：

暂无

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Execution monitoring (EM) is a widely adopted class of security mechanisms. EM-enforceable security properties are usually characterized by security automata and their derivatives. However Edit automata (EA) have been recently proposed to specify more powerful EMs. Being able to feign the execution of sensitive program actions, these EMs are supposed to enforce more security properties. However, feigning program actions will usually make the program behaving in discordance with its specification since the effects of feigned actions are not reflected in the program states. In this paper we highlight this problem and show how program rewriting(1) can be a reliable enforcement alternative. The paper contribution is mainly a semantics foundation for program rewriting enforcement of EA-enforceable security properties.

引用

页码：175 / +

页数：3

共 50 条

[1] REWRITING-BASED SECURITY ENFORCEMENT OF CONCURRENT SYSTEMS A Formal Approach
Langar, Mahjoub
Mejri, Mohamed
Adi, Kamel
[J]. SECRYPT 2010: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, 2010, : 66 - 74
[2] Security Policies Enforcement Using Finite Edit Automata
Beauquier, Daniele
Cohen, Joelle
Lanotte, Ruggero
[J]. ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2009, 229 (03) : 19 - 35
[3] Security policies enforcement using finite and pushdown edit automata
Danièle Beauquier
Joëlle Cohen
Ruggero Lanotte
[J]. International Journal of Information Security, 2013, 12 : 319 - 336
[4] Security policies enforcement using finite and pushdown edit automata
Beauquier, Daniele
Cohen, Joelle
Lanotte, Ruggero
[J]. INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2013, 12 (04) : 319 - 336
[5] Rewriting-Based Enforcement of Noninterference in Programs with Observable Intermediate Values
Lamei, Afshin
Fallah, Mehran S.
[J]. JOURNAL OF UNIVERSAL COMPUTER SCIENCE, 2016, 22 (07) : 956 - 991
[6] Edit automata: Enforcement mechanisms for run-time security policies
Ligatti J.
Bauer L.
Walker D.
[J]. International Journal of Information Security, 2005, 4 (1-2) : 2 - 16
[7] Rewriting-Based Access Control Policies
de Oliveira, Anderson Santana
[J]. ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2007, 171 (04) : 59 - 72
[8] Rewriting-based techniques for runtime verification
Roşu G.
Havelund K.
[J]. Automated Software Engineering, 2005, 12 (2) : 151 - 197
[9] Rewriting-based optimization for XQuery transformational queries
Grinev, M
Pleshachkov, P
[J]. 9th International Database Engineering & Application Symposium, Proceedings, 2005, : 163 - 174
[10] A Rewriting-Based Model Checker for the Linear Temporal Logic of Rewriting
Bae, Kyungmin
Meseguer, Jose
[J]. ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2012, 290 : 19 - 36

← 1 2 3 4 5 →