Using Equivalence Relations for Corrective Enforcement of Security Policies
Authors
Abstract
In this study, we present a new framework of runtime enforcement of security policies. Building on previous studies, we examine the enforcement power of monitors capable of transforming their target’s execution. We bound this ability by a restriction stating that any transformation must preserve equivalence between the monitor’s input and output. We proceed by giving examples of meaningful equivalence relations and identify the security policies that are enforceable with their use. We also relate our work to previous findings in this field. Finally, we investigate how an a priori knowledge of the target program’s behavior would increase the monitor’s enforcement power.
Similar resources
Equivalence-preserving corrective enforcement of security properties
Runtime monitoring is a widely used approach for the enforcement of security policies. It allows the safe execution of untrusted code by observing the execution and reacting if needed to prevent a violation of a user-defined security policy. Previous studies have determined that the set of security properties enforceable by monitors is greatly extended by giving the monitor some licence to tran...
Enforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
Monitoring of Security Properties Using BeepBeep
Runtime enforcement is an effective method to ensure the compliance of program with user-defined security policies. In this paper we show how the stream event processor tool BeepBeep can be used to monitor the security properties of Java programs. The proposed approach relies on AspectJ to generate a trace capturing the program’s runtime behavior. This trace is then processed by BeepBeep, a com...
Corrective Enforcement of Security Policies
Monitoring is a powerful security policy enforcement paradigm that allows the execution of a potentially malicious software by observing and transforming it, thus ensuring its compliance with a user-defined security policy. Yet some restrictions must be imposed on the monitor’s ability to transform sequences, so that key elements of the execution’s semantics are preserved. An approximation of t...
Cost-Aware Runtime Enforcement of Security Policies
In runtime enforcement of security policies, the classic requirements on monitors in order to enforce a security policy are soundness and transparency. However, there are many monitors that successfully pass this specification but they differ in complexity of both their implementation and the output they produce. In order to distinguish and compare these monitors we propose to associate cost wi...