Revisiting enforceable security policies

Abstract

We algebraically characterize a class of enforceable security policies by execution monitoring using a modal logic. We regard monitors as processes in Milnerpsilas CCS and security policies as formulas in the modal logic. We show that a set of processes occurring in a monitor must be within the greatest fixed point for the formula, following Schneiderpsilas definition on execution monitors. We also consider monitors that can derive some sequences from a single captured action sequence. To discuss such monitors, we introduce variables ranging over sets of processes in CCS. We then show that there is fixed points under the extension. This work may help us to understand such monitors to detect covert channels at run time and to analyze safety properties for multithreads, which need to examine multiple paths.