Certified In-lined Reference Monitoring on .NET

ACM Workshop on Programming Languages and Analysis for Security Pub Date : 2006-06-10 DOI:10.1145/1134744.1134748

Kevin W. Hamlen, J. G. Morrisett, F. Schneider

{"title":"Certified In-lined Reference Monitoring on .NET","authors":"Kevin W. Hamlen, J. G. Morrisett, F. Schneider","doi":"10.1145/1134744.1134748","DOIUrl":null,"url":null,"abstract":"MOBILE is an extension of the .NET Common Intermediate Language that supports certified In-Lined Reference Monitoring. Mobile programs have the useful property that if they are well-typed with respect to a declared security policy, then they are guaranteed not to violate that security policy when executed. Thus, when an In-Lined Reference Monitor (IRM) is expressed in Mobile, it can be certified by a simple type-checker to eliminate the need to trust the producer of the IRM.Security policies in Mobile are declarative, can involve unbounded collections of objects allocated at runtime, and can regard infinite-length histories of security events exhibited by those objects. The prototype Mobile implementation enforces properties expressed by finite-state security automata - one automaton for each security-relevant object - and can type-check Mobile programs in the presence of exceptions, finalizers, concurrency, and non-termination. Executing Mobile programs requires no change to existing .NET virtual machine implementations, since Mobile programs consist of normal managed CIL code with extra typing annotations stored in .NET attributes.","PeriodicalId":119000,"journal":{"name":"ACM Workshop on Programming Languages and Analysis for Security","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-06-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"96","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Workshop on Programming Languages and Analysis for Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1134744.1134748","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 96

Abstract

MOBILE is an extension of the .NET Common Intermediate Language that supports certified In-Lined Reference Monitoring. Mobile programs have the useful property that if they are well-typed with respect to a declared security policy, then they are guaranteed not to violate that security policy when executed. Thus, when an In-Lined Reference Monitor (IRM) is expressed in Mobile, it can be certified by a simple type-checker to eliminate the need to trust the producer of the IRM.Security policies in Mobile are declarative, can involve unbounded collections of objects allocated at runtime, and can regard infinite-length histories of security events exhibited by those objects. The prototype Mobile implementation enforces properties expressed by finite-state security automata - one automaton for each security-relevant object - and can type-check Mobile programs in the presence of exceptions, finalizers, concurrency, and non-termination. Executing Mobile programs requires no change to existing .NET virtual machine implementations, since Mobile programs consist of normal managed CIL code with extra typing annotations stored in .NET attributes.

查看原文本刊更多论文

.NET上的认证内联引用监控

MOBILE是。net通用中间语言的扩展，支持经过认证的内联引用监控。移动程序有一个有用的属性，如果它们在声明的安全策略方面类型良好，那么它们在执行时就保证不会违反该安全策略。因此，当在Mobile中表示内联引用监视器(IRM)时，可以通过简单的类型检查器对其进行认证，以消除信任IRM生产者的需要。Mobile中的安全策略是声明性的，可以涉及在运行时分配的无界对象集合，并且可以考虑这些对象所显示的安全事件的无限长历史。原型Mobile实现强制执行由有限状态安全自动机表达的属性——每个与安全相关的对象都有一个自动机——并且可以在异常、终结器、并发性和非终止性存在的情况下对Mobile程序进行类型检查。执行移动程序不需要改变现有的。net虚拟机实现，因为移动程序由普通的托管CIL代码和存储在。net属性中的额外类型注释组成。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

ACM Workshop on Programming Languages and Analysis for Security

自引率

0.00%

发文量