Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CCS
2009
ACM
2009
ACM
Efficient IRM enforcement of history-based access control policies
Inlined Reference Monitor (IRM) is an established enforcement mechanism for history-based access control policies. IRM enforcement injects monitoring code into the binary of an untrusted program in order to track its execution history. The injected code denies access when execution deviates from the policy. The viability of IRM enforcement is predicated on the ability of the binary rewriting element to optimize away redundant monitoring code without compromising security. This work proposes a novel optimization framework for IRM enforcement. The scheme is based on a constrained representation of history-based access control policies, which, despite its constrained expressiveness, can express such policies as separation of duty, generalized Chinese Wall policies, and hierarchical one-out-of-k authorization. An IRM optimization procedure has been designed to exploit the structure of this policy representation. The optimization scheme is then extended into a distributed optimization prot...
Real-time TrafficCCS 2009 | IRM Enforcement Mechanism | IRM Optimization Procedure | Optimization Effectiveness | Security Privacy |
Related Content
| Added | 23 Nov 2009 |
| Updated | 23 Nov 2009 |
| Type | Conference |
| Year | 2009 |
| Where | CCS |
| Authors | Fei Yan, Philip W. L. Fong |
Comments (0)
Researcher Info
|
