The Specification and Compilation of Obligation Policies for Program Monitoring

dc.contributor.author: Xu, Cheng (eng)
dc.contributor.author: Fong, Philip (eng)
dc.date.accessioned: 2012-03-26T17:20:16Z
dc.date.available: 2012-03-26T17:20:16Z
dc.date.issued: 2012-03-26T17:20:16Z
dc.description.abstract: The core component of an extensible software system must protect its resources from being abused by untrusted software extensions. The access control policies of extensible software systems are traditionally enforced by some form of reference monitors. Recent studies of access control policies advocate the use of obligation policies, which impose behavioural constraints on the future actions of the accessor even after the access is granted. It is argued that obligation policies provide continuous protection to the system. We envision the workflow of developing an obligation policy for program monitoring to involve three stages: specification, implementability check and implementation. In this work, we develop a series of tools to facilitate each stage of the workflow. First, we propose a policy language for formulating obligation policies. Second, we devise a type system for syntactically identifying if an obligation policy is enforceable or not. The type checker guides the policy developer in refining an obligation policy into an enforceable one. Finally, we design a compilation algorithm, which compiles well-typed obligation policies to a representation of reference monitors, called Obligation Monitor (OM). The OM is designed to facilitate monitor inlining. (eng)
dc.description.refereed: No (eng)
dc.identifier.department: 2011-996-08 (eng)
dc.identifier.doi: http://dx.doi.org/10.11575/PRISM/30606
dc.identifier.uri: http://hdl.handle.net/1880/48922
dc.language.iso: eng (eng)
dc.publisher.corporate: University of Calgary (eng)
dc.publisher.faculty: Science (eng)
dc.subject: Extensible software system (eng)
dc.subject.other: Access control policies, Program monitoring (eng)
dc.title: The Specification and Compilation of Obligation Policies for Program Monitoring (eng)
dc.type: technical report (eng)
thesis.degree.discipline: Computer Science (eng)
Files
Original bundle
Name: 2011-996-08.pdf
Size: 373.49 KB
Format: Adobe Portable Document Format