Beyond Stack Inspection: A Unified Access-Control and Information-Flow Security Model

Marco Pistoia, A. Banerjee, D. Naumann
2007 IEEE Symposium on Security and Privacy (SP '07). Published 2007-05-20. DOI: 10.1109/SP.2007.10 (https://doi.org/10.1109/SP.2007.10)
Citations: 60

Abstract

Modern component-based systems, such as Java and Microsoft .NET common language runtime (CLR), have adopted stack-based access control (SBAC). Its purpose is to use stack inspection to verify that all the code responsible for a security-sensitive action is sufficiently authorized to perform that action. Previous literature has shown that the security model enforced by SBAC is flawed in that stack inspection may allow unauthorized code no longer on the stack to influence the execution of security-sensitive code. A different approach, history-based access control (HBAC), is safe but may prevent authorized code from executing a security-sensitive operation if less trusted code was previously executed. In this paper, we formally introduce information-based access control (IBAC), a novel security model that verifies that all and only the code responsible for a security-sensitive operation is sufficiently authorized. Given an access-control policy a, we present a mechanism to extract from it an implicit integrity policy i, and we prove that IBAC enforces i. Furthermore, we discuss large-scale application code scenarios to which IBAC can be successfully applied.
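As an added illustration (not the paper's formal calculus or any library's API), the following toy Python model runs the scenario the abstract describes, untrusted code that has already returned but chose the data a trusted caller acts on, through a stack-inspection check (SBAC), a history check (HBAC) and an influence-tracking check in the spirit of IBAC. The components "app" and "plugin", the permission name and the file paths are constructed for the example.

```python
"""Toy model contrasting SBAC, HBAC and IBAC on one call trace.

Constructed illustration, not the paper's formal calculus: a trusted 'app'
holding FILE_READ calls an untrusted 'plugin' that returns before the check.
"""
from dataclasses import dataclass

FILE_READ = "file.read"
PERMS = {"app": {FILE_READ}, "plugin": set()}   # constructed access-control policy


@dataclass(frozen=True)
class Labeled:
    """A value tagged with every component whose data flowed into it."""
    value: str
    influencers: frozenset

    def concat(self, other):
        return Labeled(self.value + other.value,
                       self.influencers | other.influencers)


def sbac(stack, perm):
    """Stack inspection: every frame still on the stack must hold perm."""
    return all(perm in PERMS[f] for f in stack)


def hbac(history, perm):
    """History-based: every component that has run so far must hold perm."""
    return all(perm in PERMS[f] for f in history)


def ibac(value, perm):
    """Information-based: only code whose data reached the check must hold perm."""
    return all(perm in PERMS[f] for f in value.influencers)


def run(plugin_picks_file):
    """app calls plugin, plugin returns, app opens a file: decide under all three."""
    history = ["app", "plugin"]           # plugin ran earlier in this execution
    base = Labeled("/var/app/", frozenset({"app"}))
    if plugin_picks_file:                 # plugin's return value chooses the file
        path = base.concat(Labeled("secret.txt", frozenset({"plugin"})))
    else:                                 # plugin ran but its data is unused
        path = base.concat(Labeled("report.txt", frozenset({"app"})))
    stack = ["app"]                       # plugin is no longer on the stack
    return {"sbac": sbac(stack, FILE_READ),     # grants both: off-stack plugin ignored
            "hbac": hbac(history, FILE_READ),   # denies both: plugin ran earlier
            "ibac": ibac(path, FILE_READ)}      # denies only when plugin chose the path
```

`run(True)` shows the SBAC flaw and `run(False)` shows HBAC's over-restriction; only the influence-tracking check grants in the second case and denies in the first.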