Title :
FASER (Formal and Automatic Security Enforcement by Rewriting): An algebraic approach
Author :
Sui, Guangye ; Mejri, Mohamed ; Ben Sta, Hatem
Author_Institution :
Laval Univ., Quebec City, QC, Canada
Abstract :
Recent research confirmed that program rewriting techniques are powerful mechanisms for security enforcement, since they gather advantages of both static and dynamic approaches. In a previous work, we introduced the basic ideas underlying a program rewriting approach allowing to automatically enforce a security policy on an untrusted program. In this approach, a security policy and an untrusted program are specified as two processes in an extended version of the BPA (Basic Process Algebra) and the security enforcement problem is transformed to a resolution of a linear system generated from them. The enforced version of a program "behaves" like the original one except that it will be aborted when it tries to violate the security policy. In this paper, we better formalize the approach; we prove its foundation; we endow it with a high level logic to specify security policy and we implement a prototype that shows its efficiency.
Keywords :
formal specification; process algebra; program diagnostics; rewriting systems; security of data; BPA; FASER; algebraic approach; basic process algebra; dynamic approach; formal and automatic security enforcement by rewriting; high level logic to; linear system; program rewriting techniques; security policy specification; static approach; untrusted program; Algebra; Equations; Linear systems; Monitoring; Security; Semantics; Syntactics; Process Algebra; Program Rewriting; Security Enforcement; Security Policies;
Conference_Titel :
Computational Intelligence for Security and Defence Applications (CISDA), 2012 IEEE Symposium on
Conference_Location :
Ottawa, ON
Print_ISBN :
978-1-4673-1416-9
DOI :
10.1109/CISDA.2012.6291527
