Access control by tracking shallow execution history

Proceedings - IEEE Symposium on Security and Privacy

Volumn 2004, Issue , 2004, Pages 43-55

  Fong, Philip W L ^a  

^a UNIVERSITY OF REGINA   (Canada)

Author keywords

[No Author keywords available]

Indexed keywords

EXECUTION MONITORING (EM); LOW-WATER-MARK POLICIES; SECURITY POLICIES; SOFTWARE EXECUTION;

AUTOMATA THEORY; CODES (SYMBOLS); COMPUTER OPERATING SYSTEMS; MATHEMATICAL MODELS; MONITORING; PUBLIC POLICY; SECURITY OF DATA; SEMANTICS;

SUPERVISORY AND EXECUTIVE PROGRAMS;

EID: 3543121920     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SECPRI.2004.1301314     Document Type: Conference Paper

References (32)

1. M. Abadi and C. Fournet. Access control based on execution history. In Proceedings of the 10th Annual Network and Distributed System Security Symposium, San Diego, California, Feb. 2003.
2. B. Alpern and F. B. Schneider. Recognizing safety and liveness. Distributed Computing, 2(3):117-126, 1987.
3. L. Bauer, J. Ligatti, and D. Walker. More enforceable security policies. In Proceedings of the Workshop on Foundations of Computer Security (FCS'02), Copenhagen, Denmark, July 2002.
4. M. Bernaschi, E. Gabrielli, and L. V. Mancini. REMUS: A security-enhanced operating system. ACM Transactions on Information and System Security, 5(1):36-61, Feb. 2002.
5. K. Biba. Integrity considerations for secure computer systems. Technical Report 76-372, U. S. Air Force Electronic Systems Division, 1977.
6. W. E. Boebert and R. Y. Kain. A practical alternative to hierarchical integrity policies. In Proceedings of the 8th National Computer Security Conference, pages 18-27, Oct. 1985.
7. D. F. C. Brewer and M. J. Nash. The Chinese Wall security policy. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 206-214, Oakland, California, May 1989.
8. J. R. Büchi. Finite Automata, Their Algebra and Grammars. Springer-Verlag, 1988.
9. S. Burns and H. P. Sankappanavar. A Course in Universal Algebra. Springer-Verlag, 1981.
10. ECMA. Standard ECMA-335: Common Language Infrastructure (CLI), 2nd edition, Dec. 2002.
11. G. Edjladi, A. Acharya, and V. Chaudhary. History-based access control for mobile code. In Proceedings of the 5th ACM Conference on Computer and Communications Security, San Francisco, CA, USA, 1998.
12. A. Edwards, T. Jaeger, and X. Zhang. Runtime verification of authorization hook placement for the Linux security modules framework. In Proceedings of the 9th ACM Conference on Computer and Communications Security, pages 225-234, Washington, DC, Nov. 2002.
13. D. Evans and A. Twyman. Flexible policy-directed code safety. In Proceedings of the 1999 IEEE Symposium on Security and Privacy, pages 32-45, Oakland, California, May 1999.
14. C. Fournet and A. D. Gordon. Stack inspection: Theory and variants. ACM Transactions on Programming Languages and Systems, 25(3):360-399, May 2003.
15. T. Fraser. LOMAC: Low water-mark integrity protection for COTS environments. In Proceedings of the 2000 IEEE Symposium on Security and Privacy, Oakland, California, 2000.
16. K. W. Hamlen, G. Morrisett, and F. B. Schneider. Computability classes for enforcement mechanisms. Technical Report TR 2003-1908, Computer Science Department, Cornell University, Aug. 2003.
17. M. A. Harrison. Introduction to Switching and Automata Theory. McGraw-Hill, 1965.
18. J. Ligatti, L. Bauer, and D. Walker. Edit automata: Enforcement mechanisms for run-time security policies. International Journal of Information Security, 2003. To appear.
19. T. Y. Lin. Chinese Wall security policy - an aggressive model. In Proceedings of the Fifth Annual Computer Security Applications Conference, pages 282-289, Dec. 1989.
20. T. Lindholm and F. Yellin. The Java Virtual Machine Specification. Addison Wesley, 2nd edition, 1999.
21. J. McLean. The algebra of security. In Proceedings of the 1988 IEEE Symposium on Security and Privacy, pages 2-7, Oakland, CA, Apr. 1988.
22. F. Nielson, H. R. Nielson, and C. Hankin. Principles of Program Analysis. Springer, 1999.
23. A. Rudys and D. S. Wallach. Termination in language-based systems. ACM Transactions on Information and System Security, 5(2): 138-168, May 2002.
24. A. Rudys and D. S. Wallach. Transactional rollback for language-based systems. In Proceedings of the International Conference on Dependable Systems and Networks (DSN'02), pages 439-448, Washington, D.C., June 2002.
25. R. S. Sandhu. A lattice interpretation of the Chinese Wall policy. In Proceedings of the 15th NIST-NCSC National Computer Security Conference, pages 221-235, Baltimore, MD, Oct. 1992.
26. F. B. Schneider. Enforceable security policies. ACM Transactions on Information and System Security, 3(1):30-50, Feb. 2000.
27. Úlfar Erlingsson and F. B. Schneider. SASI enforcement of security policies: A retrospective. In Proceedings of the 1999 New Security Paradigms Workshop, pages 87-95, Caledon Hills, Ontario, Canada, Sept. 1999.
28. Úlfar Erlingsson and F. B. Schneider. IRM enforcement of Java stack inspection. In Proceedings of the 2000 IEEE Symposium on Security and Privacy, pages 246-255, Berkeley, California, May 2000.
29. M. Viswanathan. Foundations for the Run-time Analysis of Software systems. PhD thesis, University of Pennsylvania, Dec. 2000.
30. D. S. Wallach, A. W. Appel, and E. W. Felten. SAFKASI: A security mechanism for language-based systems. ACM Transactions on Software Engineering and Methodology, 9(4):341-378, Oct. 2000.
31. I. Welch and R. J. Stroud. Using reflection as a mechanism for enforcing security policies on compiled code. Journal of Computer Security, 10(4):399-432, 2002.
32. W. D. Young, P. A. Telega, and W. E. Boebert. A verified labler for the secure Ada target. In Proceedings of the 9th National Computer Security Conference, pages 55-61, Sept. 1986.