{"title":"柔性内联参考监视器认证:挑战和未来方向","authors":"Meera Sridhar, Kevin W. Hamlen","doi":"10.1145/1929529.1929537","DOIUrl":null,"url":null,"abstract":"Over the last few years, in-lined reference monitors (IRM's) have gained much popularity as successful security enforcement mechanisms. Aspect-oriented programming (AOP) provides one elegant paradigm for implementing IRM frameworks. There is a foreseen need to enhance both AOP-style and non-AOP IRM's with static certification due to two main concerns. Firstly, the Trusted Computing Base (TCB) can grow large quickly in an AOP-style IRM framework. Secondly, in many practical settings, such as in the domain of web-security, aspectually encoded policy implementations and the rewriters that apply them to untrusted code are subject to frequent change. Replacing the rewriter with a small, light-weight, yet powerful certifier that is policy-independent and less subject to change addresses both these concerns.\n The goal of this paper is two-fold. First, interesting issues encountered in the process of building certification systems for IRM frameworks, such as policy specification, certifier soundness, and certifier completeness, are explored in the light of related work. In the second half of the paper, three prominent unsolved problems in the domain of IRM certification are examined: runtime code-generation via eval, IRM certification in the presence of concurrency, and formal verification of transparency. Promising directions suggested by recent work related to these problems are highlighted.","PeriodicalId":153056,"journal":{"name":"Programming Languages meets Program Verification","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-01-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":"{\"title\":\"Flexible in-lined reference monitor certification: challenges and future directions\",\"authors\":\"Meera Sridhar, Kevin W. Hamlen\",\"doi\":\"10.1145/1929529.1929537\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Over the last few years, in-lined reference monitors (IRM's) have gained much popularity as successful security enforcement mechanisms. Aspect-oriented programming (AOP) provides one elegant paradigm for implementing IRM frameworks. There is a foreseen need to enhance both AOP-style and non-AOP IRM's with static certification due to two main concerns. Firstly, the Trusted Computing Base (TCB) can grow large quickly in an AOP-style IRM framework. Secondly, in many practical settings, such as in the domain of web-security, aspectually encoded policy implementations and the rewriters that apply them to untrusted code are subject to frequent change. Replacing the rewriter with a small, light-weight, yet powerful certifier that is policy-independent and less subject to change addresses both these concerns.\\n The goal of this paper is two-fold. First, interesting issues encountered in the process of building certification systems for IRM frameworks, such as policy specification, certifier soundness, and certifier completeness, are explored in the light of related work. In the second half of the paper, three prominent unsolved problems in the domain of IRM certification are examined: runtime code-generation via eval, IRM certification in the presence of concurrency, and formal verification of transparency. Promising directions suggested by recent work related to these problems are highlighted.\",\"PeriodicalId\":153056,\"journal\":{\"name\":\"Programming Languages meets Program Verification\",\"volume\":\"7 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-01-29\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"16\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Programming Languages meets Program Verification\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1929529.1929537\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Programming Languages meets Program Verification","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1929529.1929537","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Flexible in-lined reference monitor certification: challenges and future directions
Over the last few years, in-lined reference monitors (IRM's) have gained much popularity as successful security enforcement mechanisms. Aspect-oriented programming (AOP) provides one elegant paradigm for implementing IRM frameworks. There is a foreseen need to enhance both AOP-style and non-AOP IRM's with static certification due to two main concerns. Firstly, the Trusted Computing Base (TCB) can grow large quickly in an AOP-style IRM framework. Secondly, in many practical settings, such as in the domain of web-security, aspectually encoded policy implementations and the rewriters that apply them to untrusted code are subject to frequent change. Replacing the rewriter with a small, light-weight, yet powerful certifier that is policy-independent and less subject to change addresses both these concerns.
The goal of this paper is two-fold. First, interesting issues encountered in the process of building certification systems for IRM frameworks, such as policy specification, certifier soundness, and certifier completeness, are explored in the light of related work. In the second half of the paper, three prominent unsolved problems in the domain of IRM certification are examined: runtime code-generation via eval, IRM certification in the presence of concurrency, and formal verification of transparency. Promising directions suggested by recent work related to these problems are highlighted.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
