Modeling runtime enforcement with mandatory results automata

Cited by: 35
Authors
Dolzhenko, Egor [1, 2]
Ligatti, Jay [1]
Reddy, Srikar [1]
Affiliations
[1] Univ S Florida, Dept Comp Sci & Engn, Tampa, FL 33620 USA
[2] Univ S Florida, Dept Math & Stat, Tampa, FL USA
Funding
National Science Foundation (USA);
Keywords
Enforceability theory; Monitoring; Runtime enforcement; Security automata; Models of enforcement;
DOI
10.1007/s10207-014-0239-8
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
This paper presents a theory of runtime enforcement based on mechanism models called mandatory results automata (MRAs). MRAs can monitor and transform security-relevant actions and their results. The operational semantics of MRAs is simple and enables straightforward definitions of concrete MRAs. Moreover, the definitions of policies and enforcement with MRAs are simple and expressive. Putting all of these features together, we argue that MRAs make good general models of runtime mechanisms, upon which a theory of runtime enforcement can be based. We develop some enforceability theory by characterizing the policies deterministic and non-deterministic MRAs can and cannot enforce.
Pages: 47 / 60
Number of pages: 14
Related papers
50 items in total
  • [41] Runtime Enforcement of Cyber-Physical Systems
    Pinisetty, Srinivas
    Roop, Partha S.
    Smyth, Steven
    Allen, Nathan
    Tripakis, Stavros
    Von Hanxleden, Reinhard
    ACM TRANSACTIONS ON EMBEDDED COMPUTING SYSTEMS, 2017, 16
  • [42] Runtime Enforcement for Component-Based Systems
    Charafeddine, Hadil
    El-Harake, Khalil
    Falcone, Ylies
    Jaber, Mohamad
    30TH ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING, VOLS I AND II, 2015, : 1789 - 1796
  • [43] A modular pipeline for enforcement of security properties at runtime
    Rania Taleb
    Sylvain Hallé
    Raphaël Khoury
    Annals of Telecommunications, 2023, 78 : 429 - 457
  • [44] An Android runtime security policy enforcement framework
    Banuri, Hammad
    Alam, Masoom
    Khan, Shahryar
    Manzoor, Jawad
    Ali, Bahar
    Khan, Yasar
    Yaseen, Mohsin
    Tahir, Mir Nauman
    Ali, Tamleek
    Alam, Quratulain
    Zhang, Xinwen
    PERSONAL AND UBIQUITOUS COMPUTING, 2012, 16 (06) : 631 - 641
  • [45] An Overview of Runtime Data Protection Enforcement Approaches
    Sion, Laurens
    Van Landuyt, Dimitri
    Joosen, Wouter
    2021 IEEE EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY WORKSHOPS (EUROS&PW 2021), 2021, : 351 - 358
  • [46] Enforcement and validation (at runtime) of various notions of opacity
    Falcone, Ylies
    Marchand, Herve
    DISCRETE EVENT DYNAMIC SYSTEMS-THEORY AND APPLICATIONS, 2015, 25 (04): : 531 - 570
  • [47] A component framework for the runtime enforcement of safety properties
    Bonfanti, Silvia
    Riccobene, Elvinia
    Scandurra, Patrizia
    JOURNAL OF SYSTEMS AND SOFTWARE, 2023, 198
  • [48] Enforcement and validation (at runtime) of various notions of opacity
    Yliès Falcone
    Hervé Marchand
    Discrete Event Dynamic Systems, 2015, 25 : 531 - 570
  • [49] An Android runtime security policy enforcement framework
    Security Engineering Research Group, Institute of Management Sciences, 1-A, E-5, Phase VII, Hayatabad, Peshawar, Pakistan
    Unknown
    Pers. Ubiquitous Comp., 6 (631-641):
  • [50] Transforming Timeline Specifications into Automata for Runtime Monitoring
    Bodden, Eric
    Vangheluwe, Hans
    APPLICATIONS OF GRAPH TRANSFORMATIONS WITH INDUSTRIAL RELEVANCE, 2008, 5088 : 249 - 264