MCC中基于LSBA的安全验证

2009 International Conference on Computational Intelligence and Software Engineering Pub Date : 2009-12-28 DOI:10.1109/CISE.2009.5362528

Zhenhao Li, Xiaojuan Zheng, Yonglong Wei

{"title":"MCC中基于LSBA的安全验证","authors":"Zhenhao Li, Xiaojuan Zheng, Yonglong Wei","doi":"10.1109/CISE.2009.5362528","DOIUrl":null,"url":null,"abstract":"This paper presents a new way to verify whether a behavior model of code satisfies a security policy in the model- carrying code(MCC) approach for safe execution of untrusted code. This new verification method based on a new kind of model called logic semantic based automata(LSBA). Logic semantic based pushdown automata(LSBPDA)is to model safety-related behaviors of codes unknown to a user and logic semantic based finite states automata(LSBFSA)is to model security policies of users. Verification is done by checking wether the language of the LSBPDA model of a policy and the language of the LSBFSA model of untrusted code intersect. This new method is formal in nature and suitable for automation of the verification step in MCC method. Index Terms—MCC, safety of mobile code, formal method, safety model verification","PeriodicalId":135441,"journal":{"name":"2009 International Conference on Computational Intelligence and Software Engineering","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-12-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"LSBA Based Security Verification in MCC\",\"authors\":\"Zhenhao Li, Xiaojuan Zheng, Yonglong Wei\",\"doi\":\"10.1109/CISE.2009.5362528\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper presents a new way to verify whether a behavior model of code satisfies a security policy in the model- carrying code(MCC) approach for safe execution of untrusted code. This new verification method based on a new kind of model called logic semantic based automata(LSBA). Logic semantic based pushdown automata(LSBPDA)is to model safety-related behaviors of codes unknown to a user and logic semantic based finite states automata(LSBFSA)is to model security policies of users. Verification is done by checking wether the language of the LSBPDA model of a policy and the language of the LSBFSA model of untrusted code intersect. This new method is formal in nature and suitable for automation of the verification step in MCC method. Index Terms—MCC, safety of mobile code, formal method, safety model verification\",\"PeriodicalId\":135441,\"journal\":{\"name\":\"2009 International Conference on Computational Intelligence and Software Engineering\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-12-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 International Conference on Computational Intelligence and Software Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CISE.2009.5362528\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 International Conference on Computational Intelligence and Software Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CISE.2009.5362528","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

本文提出了一种验证代码行为模型是否满足安全策略的新方法，用于安全执行不受信任的代码。这种新的验证方法基于一种新的模型——基于逻辑语义的自动机(LSBA)。基于逻辑语义的下推自动机(LSBPDA)是对用户未知代码的安全相关行为进行建模，基于逻辑语义的有限状态自动机(LSBFSA)是对用户的安全策略进行建模。验证是通过检查策略的LSBPDA模型的语言和不可信代码的LSBFSA模型的语言是否相交来完成的。该方法具有形式化的特点，适合于MCC方法中验证步骤的自动化。索引术语- mcc，移动代码安全，形式化方法，安全模型验证

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

LSBA Based Security Verification in MCC

This paper presents a new way to verify whether a behavior model of code satisfies a security policy in the model- carrying code(MCC) approach for safe execution of untrusted code. This new verification method based on a new kind of model called logic semantic based automata(LSBA). Logic semantic based pushdown automata(LSBPDA)is to model safety-related behaviors of codes unknown to a user and logic semantic based finite states automata(LSBFSA)is to model security policies of users. Verification is done by checking wether the language of the LSBPDA model of a policy and the language of the LSBFSA model of untrusted code intersect. This new method is formal in nature and suitable for automation of the verification step in MCC method. Index Terms—MCC, safety of mobile code, formal method, safety model verification

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2009 International Conference on Computational Intelligence and Software Engineering

自引率

0.00%

发文量