Enforcing authorization policies using transactional memory introspection

13 years 6 months ago

Download www.cs.rutgers.edu

Correct enforcement of authorization policies is a difficult task, especially for multi-threaded software. Even in carefully-reviewed code, unauthorized access may be possible in subtle corner cases. We introduce Transactional Memory Introspection (TMI), a novel reference monitor architecture that builds on Software Transactional Memory--a new, attractive alternative for writing correct, multi-threaded software. TMI facilitates correct security enforcement by simplifying how the reference monitor integrates with software functionality. TMI can ensure complete mediation of security-relevant operations, eliminate race conditions related to security checks, and simplify handling of authorization failures. We present the design and implementation of a TMI-based reference monitor and experiment with its use in enforcing authorization policies on four significant servers. Our experiments confirm the benefits of the TMI architecture and show that it imposes an acceptable runtime overhead. Ca...

Arnar Birgisson, Mohan Dhawan, Úlfar Erling

Real-time Traffic

Authorization Policies | CCS 2008 | Multi-threaded Software | Reference Monitor | Security Privacy |

claim paper

» Dynamically Checking Ownership Policies in Concurrent CC Programs

» A lightweight fairness mechanism for chip multiprocessor memory systems

» Trustworthy Accounting for Wireless LAN Sharing Communities

Post Info
More Details (n/a)

Added	12 Oct 2010
Updated	12 Oct 2010
Type	Conference
Year	2008
Where	CCS
Authors	Arnar Birgisson, Mohan Dhawan, Úlfar Erlingsson, Vinod Ganapathy, Liviu Iftode

Comments (0)

Sciweavers

Enforcing authorization policies using transactional memory introspection

Authorization Policies | CCS 2008 | Multi-threaded Software | Reference Monitor | Security Privacy |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers