Security Monitor Inlining for Multithreaded Java
2009 (English)In: ECOOP 2009: OBJECT-ORIENTED PROGRAMMING / [ed] Drossopoulou S, 2009, Vol. 5653, 546-569 p.Conference paper (Refereed)
Program monitoring is a well-established and efficient approach to security policy enforcement. An implementation of program monitoring that is particularly appealing for application-level policy enforcement is monitor inlining: the application is rewritten to push monitoring and policy enforcement code into the application itself. The intention is that the inserted code enforces compliance with the policy (security), and otherwise interferes with the application as little as possible (conservativity and transparency). For sequential Java-like languages, provably correct inlining algorithms have been proposed, but for the multithreaded setting, this is still an open problem. We show that no inliner for multithreaded Java can be both secure and transparent. It is however possible to identify a broad class of policies for which all three correctness criteria can be obtained. We propose an inliner that is correct for such policies, implement it for Java, and show that it is practical by reporting on some benchmarks.
Place, publisher, year, edition, pages
2009. Vol. 5653, 546-569 p.
, Lecture Notes in Computer Science, ISSN 0302-9743 ; 5653
Conservativity, Correctness criterion, Inlining, Multithreaded, Open problems, Policy enforcement, Program monitoring, Security policy enforcement, Object oriented programming
IdentifiersURN: urn:nbn:se:kth:diva-30709DOI: 10.1007/978-3-642-03013-0_25ISI: 000268998700023ScopusID: 2-s2.0-69949167255ISBN: 978-3-642-03012-3OAI: oai:DiVA.org:kth-30709DiVA: diva2:402851
23rd European Conference on Object-Oriented Programming (ECOOP 2009), Genoa, ITALY, JUL 06-10, 2009
QC 201103102011-03-102011-03-042012-01-20Bibliographically approved