A Model of Execution Monitoring Enforcement Mechanism
Execution monitoring (EM) is a ubiquitous way for monitoring untrusted applications. In this paper, we concern the characterization of security policies which was seldom concerned before. We define security policy as a security predicate which is a conjunction of two different sub-predicates:sequences predicate and states predicate. This work proves that different implementations of security policies specify different properties. Under this new definition of security policies, a model of EM enforcement mechanism is designed to describe the relations between the power of EM enforcement mechanism and the requirement of security policies.
Execution Monitoring Security Policies Properties Enforcement Mechanism Security Automata
Chenhong Liu Bogang Lin
College of Mathematics and Computer Science Fuzhou University Fuzhou, China
国际会议
南宁
英文
69-74
2010-10-13(万方平台首次上网日期,不代表论文的发表时间)