Monitoring untrusted code for harmful behaviour is an important security issue. Many approaches have been proposed for restricting activities and the range of untrusted code. Among these, run-time monitoring is a promising approach for constricting run-time behaviour of programs. In this paper we describe a method of containing the effects of untrusted code with respect to a specified policy. We use a guarded command like language for specifying policies that could monitor system calls, APIs or library routines of the underlying system. We also discuss a system call monitoring architecture for an operating system like Linux. We provide semantics of the language in terms of Security Automata and also discuss how pure past temporal properties can be automatically compiled into policies in guarded command language. This allows users to specify policies in terms of logical formulae and automatically generate monitoring algorithm for the same in terms of guarded commands. We show how simple modifications allow us to specify constraints on the overall behaviour of a group of processes. © Springer-Verlag Berlin Heidelberg 2007.
CITATION STYLE
Shah, H., & Shyamasundar, R. K. (2007). On run-time enforcement of policies. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4846 LNCS, pp. 268–281). Springer Verlag. https://doi.org/10.1007/978-3-540-76929-3_26
Mendeley helps you to discover research relevant for your work.