Title :
Revisiting enforceable security policies
Author :
Nagatou, Naoyuki
Author_Institution :
Dept. of Comput. Sci., Ritsumeikan Univ., Shiga
Abstract :
We algebraically characterize a class of enforceable security policies by execution monitoring using a modal logic. We regard monitors as processes in Milnerpsilas CCS and security policies as formulas in the modal logic. We show that a set of processes occurring in a monitor must be within the greatest fixed point for the formula, following Schneiderpsilas definition on execution monitors. We also consider monitors that can derive some sequences from a single captured action sequence. To discuss such monitors, we introduce variables ranging over sets of processes in CCS. We then show that there is fixed points under the extension. This work may help us to understand such monitors to detect covert channels at run time and to analyze safety properties for multithreads, which need to examine multiple paths.
Keywords :
algebra; formal logic; multi-threading; security of data; system monitoring; CCS; algebra; enforceable security policies; execution monitoring; modal logic; multithreading; Algebra; Automata; Carbon capture and storage; Computer security; History; Logic functions; Mechanical factors; Monitoring; Runtime; Safety; execution monitoring; safety property; security policy;
Conference_Titel :
Risks and Security of Internet and Systems, 2008. CRiSIS '08. Third International Conference on
Conference_Location :
Tozeur
Print_ISBN :
978-1-4244-3309-4
DOI :
10.1109/CRISIS.2008.4757483
