• Title of article

    Security enforcement aware software development

  • Author/Authors

    Veerle Vanoverberghe، نويسنده , , Dries and Piessens، نويسنده , , Frank، نويسنده ,

  • Issue Information
    ماهنامه با شماره پیاپی سال 2009
  • Pages
    14
  • From page
    1172
  • To page
    1185
  • Abstract
    In the domain of security policy enforcement, the concerns of application developers are almost completely ignored. As a consequence, it is hard to develop useful and reliable applications that will function properly under a variety of policies. This paper addresses this issue for application security policies specified as security automata, and enforced through run-time monitoring. Our solution consists of three elements: the definition of an abstract interface to the policy that is being enforced, a sound construct to query that policy, and a static verification algorithm that guarantees absence of security policy violations in critical blocks of code.
  • Keywords
    Security automata , Run-time enforcement , Static verification , Inline reference monitor
  • Journal title
    Information and Software Technology
  • Serial Year
    2009
  • Journal title
    Information and Software Technology
  • Record number

    2374512