Modeling runtime enforcement with mandatory results automata

Cited by: 36
Authors
Dolzhenko, Egor [1, 2]
Ligatti, Jay [1]
Reddy, Srikar [1]
Affiliations
[1] Univ S Florida, Dept Comp Sci & Engn, Tampa, FL 33620 USA
[2] Univ S Florida, Dept Math & Stat, Tampa, FL USA
Funding
US National Science Foundation;
Keywords
Enforceability theory; Monitoring; Runtime enforcement; Security automata; Models of enforcement;
DOI
10.1007/s10207-014-0239-8
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
This paper presents a theory of runtime enforcement based on mechanism models called mandatory results automata (MRAs). MRAs can monitor and transform security-relevant actions and their results. The operational semantics of MRAs is simple and enables straightforward definitions of concrete MRAs. Moreover, the definitions of policies and enforcement with MRAs are simple and expressive. Putting all of these features together, we argue that MRAs make good general models of runtime mechanisms, upon which a theory of runtime enforcement can be based. We develop some enforceability theory by characterizing the policies deterministic and non-deterministic MRAs can and cannot enforce.
Pages: 47 / 60
Page count: 14