کد مقاله | کد نشریه | سال انتشار | مقاله انگلیسی | نسخه تمام متن |
---|---|---|---|---|
456101 | 695644 | 2011 | 14 صفحه PDF | دانلود رایگان |
![عکس صفحه اول مقاله: Extending the enforcement power of truncation monitors using static analysis Extending the enforcement power of truncation monitors using static analysis](/preview/png/456101.png)
Runtime monitors are a widely used approach to enforcing security policies. Truncation monitors are based on the idea of truncating an execution before a violation occurs. Thus, the range of security policies they can enforce is limited to safety properties. The use of an a priori static analysis of the target program is a possible way of extending the range of monitorable properties. This paper presents an approach to producing an in-lined truncation monitor, which draws upon the above intuition. Based on an a priori knowledge of the program behavior, this approach allows, in some cases, to enforce more than safety properties and is more powerful than a classical truncation mechanism. We provide and prove a theorem stating that a truncation enforcement mechanism considering only the set of possible executions of a specific program is strictly more powerful than a mechanism considering all the executions over an alphabet of actions.
Journal: Computers & Security - Volume 30, Issue 4, June 2011, Pages 194–207