Model-Checking In-Lined Reference Monitors

Authors

  • Meera Sridhar
  • Kevin W. Hamlen
Abstract

A technique for elegantly expressing In-lined Reference Monitor (IRM) certification as model-checking is presented and implemented. In-lined Reference Monitors (IRM’s) enforce software security policies by in-lining dynamic security guards into untrusted binary code. Certifying IRM systems provide strong formal guarantees for such systems by verifying that the instrumented code produced by the IRM system satisfies the original policy. Expressing this certification step as model-checking allows well-established model-checking technologies to be applied to this often difficult certification task. The technique is demonstrated through the enforcement and certification of a URL anti-redirection policy for ActionScript web applets.


Similar sources

Cheko : Aspect-Oriented Runtime Monitor Certification via Model-Checking (Extended Version)

In-lining runtime monitors into untrusted binary programs via aspect weaving is an increasingly popular technique for efficiently and flexibly securing untrusted mobile code. However, the complexity of the monitor implementation and in-lining process in these frameworks can lead to vulnerabilities and low assurance for code-consumers. This paper presents a machine-verification technique for aspe...


Towards Security-aware Program Visualization for Analyzing In-lined Reference Monitors

In-lined Reference Monitoring frameworks are an emerging technology for enforcing security policies over untrusted, mobile, binary code. However, formulating correct policy specifications for such frameworks to enforce remains a daunting undertaking with few supporting tools. A visualization approach is proposed to aid in this task; preliminary results are presented in this short paper. In cont...


Specification of Embedded Monitors for Property Checking

In the formal verification domain the use of monitors represents a powerful technique where model I/O sequences are monitored and triggers are raised to allow a simplification in the construction of formal properties. This reduces the chances of incorrect system specifications and can sometimes reduce also the actual model checking time. The drawback of this technique lies in its heterogeneity....


A Smell of Orchids

ORCHIDS is an intrusion detection tool based on techniques for fast, on-line model-checking. ORCHIDS detects complex, correlated strands of events with very low overhead in practice, although its detection algorithm has worst-case exponential time complexity. The purpose of this paper is twofold. First, we explain the salient features of the basic model-checking algorithm in an intuitive way, as...


Publication date: 2010