Title :
Rewriting-based security enforcement of concurrent systems: A formal approach
Author :
Langar, Mahjoub ; Mejri, Mohamed ; Adi, Kamel
Author_Institution :
Comput. Sci. Dept., Laval Univ., Québec, QC, Canada
Abstract :
Program security enforcement is designed to ensure that a program respects a given security policy, which generally specifies the acceptable executions of that program. In general, the enforcement is achieved by adding some controls (tests) inside the target program or process. The major drawback of existing techniques is either their lack of precision or their inefficiency, especially those dedicated to concurrent languages. This paper proposes an efficient, algebraic and fully automatic approach for security program enforcement: given a concurrent program P and a security policy φ, it automatically generates another program P′ that satisfies φ and behaves like P, except that it stops when P tries to violate the security policy φ.
Keywords :
algebra; computer network security; rewriting systems; concurrent language; concurrent system; rewriting based security enforcement; security program enforcement; Algebra; Monitoring; Runtime; Safety; Security; Semantics; Syntactics; Concurrent systems; Formal verification; Language based security; Process algebra; Runtime verification;
Conference_Title :
Security and Cryptography (SECRYPT), Proceedings of the 2010 International Conference on
Conference_Location :
Athens