Modeling runtime enforcement with mandatory results automata

Cited by: 35
Authors
Dolzhenko, Egor [1, 2]
Ligatti, Jay [1]
Reddy, Srikar [1]
Affiliations
[1] Univ S Florida, Dept Comp Sci & Engn, Tampa, FL 33620 USA
[2] Univ S Florida, Dept Math & Stat, Tampa, FL USA
Funding
US National Science Foundation;
Keywords
Enforceability theory; Monitoring; Runtime enforcement; Security automata; Models of enforcement;
DOI
10.1007/s10207-014-0239-8
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812 ;
Abstract
This paper presents a theory of runtime enforcement based on mechanism models called mandatory results automata (MRAs). MRAs can monitor and transform security-relevant actions and their results. The operational semantics of MRAs is simple and enables straightforward definitions of concrete MRAs. Moreover, the definitions of policies and enforcement with MRAs are simple and expressive. Putting all of these features together, we argue that MRAs make good general models of runtime mechanisms, upon which a theory of runtime enforcement can be based. We develop some enforceability theory by characterizing the policies deterministic and non-deterministic MRAs can and cannot enforce.
Pages: 47 / 60
Number of pages: 14
Related papers
47 in total
  • [21] Enforcement and validation (at runtime) of various notions of opacity
    Yliès Falcone
    Hervé Marchand
    Discrete Event Dynamic Systems, 2015, 25 : 531 - 570
  • [22] Securing Implantable Medical Devices with Runtime Enforcement Hardware
    Pearce, Hammond
    Kuo, Matthew M. Y.
    Roop, Partha S.
    Pinisetty, Srinivas
    17TH ACM-IEEE INTERNATIONAL CONFERENCE ON FORMAL METHODS AND MODELS FOR SYSTEM DESIGN (MEMOCODE), 2019,
  • [23] Industrial Control Systems Security via Runtime Enforcement
    Lanotte, Ruggero
    Merro, Massimo
    Munteanu, Andrei
    ACM TRANSACTIONS ON PRIVACY AND SECURITY, 2023, 26 (01)
  • [24] Online Synthesis for Runtime Enforcement of Safety in Multiagent Systems
    Raju, Dhananjay
    Bharadwaj, Sudarshanan
    Djeumou, Franck
    Topcu, Ufuk
    IEEE TRANSACTIONS ON CONTROL OF NETWORK SYSTEMS, 2021, 8 (02) : 621 - 632
  • [25] Runtime Enforcement of Reactive Systems using Synchronous Enforcers
    Pinisetty, Srinivas
    Roop, Partha S.
    Smyth, Steven
    Tripakis, Stavros
    von Hanxleden, Reinhard
    SPIN'17: PROCEEDINGS OF THE 24TH ACM SIGSOFT INTERNATIONAL SPIN SYMPOSIUM ON MODEL CHECKING OF SOFTWARE, 2017, : 80 - 89
  • [26] Fully automated runtime enforcement of component-based systems with formal and sound recovery
    Falcone, Ylies
    Jaber, Mohamad
    INTERNATIONAL JOURNAL ON SOFTWARE TOOLS FOR TECHNOLOGY TRANSFER, 2017, 19 (03) : 341 - 365
  • [27] Fully automated runtime enforcement of component-based systems with formal and sound recovery
    Yliès Falcone
    Mohamad Jaber
    International Journal on Software Tools for Technology Transfer, 2017, 19 : 341 - 365
  • [28] Runtime Enforcement of Information Flow Security in Tree Manipulating Processes
    Kovacs, Mate
    Seidl, Helmut
    ENGINEERING SECURE SOFTWARE AND SYSTEMS, 2012, 7159 : 46 - 59
  • [29] Bounded-memory runtime enforcement with probabilistic and performance analysis
    Shankar, Saumya
    Pradhan, Ankit
    Pinisetty, Srinivas
    Rollet, Antoine
    Falcone, Ylies
    FORMAL METHODS IN SYSTEM DESIGN, 2024, 62 (1-3) : 141 - 180
  • [30] Runtime Enforcement of Security Policies on Black Box Reactive Programs
    Ngo, Minh
    Massacci, Fabio
    Milushev, Dimiter
    Piessens, Frank
    ACM SIGPLAN NOTICES, 2015, 50 (01) : 43 - 54