Entry Ligatti:2009:RTE from tissec.bib

Last update: Sun Oct 15 02:58:48 MDT 2017                Valid HTML 3.2!

Index sections

Top | Symbols | Numbers | Math | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

BibTeX entry

@Article{Ligatti:2009:RTE,
  author =       "Jay Ligatti and Lujo Bauer and David Walker",
  title =        "Run-Time Enforcement of Nonsafety Policies",
  journal =      j-TISSEC,
  volume =       "12",
  number =       "3",
  pages =        "19:1--19:??",
  month =        jan,
  year =         "2009",
  CODEN =        "ATISBQ",
  DOI =          "https://doi.org/10.1145/1455526.1455532",
  ISSN =         "1094-9224 (print), 1557-7406 (electronic)",
  ISSN-L =       "1094-9224",
  bibdate =      "Mon Feb 2 18:03:37 MST 2009",
  bibsource =    "http://portal.acm.org/;
                 http://www.math.utah.edu/pub/tex/bib/tissec.bib",
  abstract =     "A common mechanism for ensuring that software behaves
                 securely is to monitor programs at run time and check
                 that they dynamically adhere to constraints specified
                 by a security policy. Whenever a program monitor
                 detects that untrusted software is attempting to
                 execute a dangerous action, it takes remedial steps to
                 ensure that only safe code actually gets
                 executed.\par

                 This article improves our understanding of the space of
                 policies enforceable by monitoring the run-time
                 behaviors of programs. We begin by building a formal
                 framework for analyzing policy enforcement: we
                 precisely define policies, monitors, and enforcement.
                 This framework allows us to prove that monitors enforce
                 an interesting set of policies that we call the
                 infinite renewal properties. We show how to construct a
                 program monitor that provably enforces any reasonable
                 infinite renewal property. We also show that the set of
                 infinite renewal properties includes some nonsafety
                 policies, that is, that monitors can enforce some
                 nonsafety (including some purely liveness) policies.
                 Finally, we demonstrate concrete examples of nonsafety
                 policies enforceable by practical run-time monitors.",
  acknowledgement = ack-nhfb,
  articleno =    "19",
  fjournal =     "ACM Transactions on Information and System Security",
  journal-URL =  "http://portal.acm.org/browse_dl.cfm?idx=J789",
  keywords =     "liveness; monitoring; policy enforcement; safety;
                 security automata; security policies",
}

Related entries