实施IRM安全策略:两个案例研究

2009 IEEE International Conference on Intelligence and Security Informatics Pub Date : 2009-06-08 DOI:10.1109/ISI.2009.5137306

Micah Jones, Kevin W. Hamlen

{"title":"实施IRM安全策略:两个案例研究","authors":"Micah Jones, Kevin W. Hamlen","doi":"10.1109/ISI.2009.5137306","DOIUrl":null,"url":null,"abstract":"SPoX (Security Policy XML) is a declarative language for specifying application security policies for enforcement by In-lined Reference Monitors. Two case studies are presented that demonstrate how this language can be used to effectively enforce application-specific security policies for untrusted Java applications in the absence of source code.","PeriodicalId":210911,"journal":{"name":"2009 IEEE International Conference on Intelligence and Security Informatics","volume":"41 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":"{\"title\":\"Enforcing IRM security policies: Two case studies\",\"authors\":\"Micah Jones, Kevin W. Hamlen\",\"doi\":\"10.1109/ISI.2009.5137306\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"SPoX (Security Policy XML) is a declarative language for specifying application security policies for enforcement by In-lined Reference Monitors. Two case studies are presented that demonstrate how this language can be used to effectively enforce application-specific security policies for untrusted Java applications in the absence of source code.\",\"PeriodicalId\":210911,\"journal\":{\"name\":\"2009 IEEE International Conference on Intelligence and Security Informatics\",\"volume\":\"41 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-06-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"16\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 IEEE International Conference on Intelligence and Security Informatics\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISI.2009.5137306\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 IEEE International Conference on Intelligence and Security Informatics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISI.2009.5137306","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 16

摘要

SPoX(安全策略XML)是一种声明性语言，用于指定内联引用监视器执行的应用程序安全策略。本文提供了两个案例研究，演示了在没有源代码的情况下，如何使用这种语言对不受信任的Java应用程序有效地实施特定于应用程序的安全策略。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Enforcing IRM security policies: Two case studies

SPoX (Security Policy XML) is a declarative language for specifying application security policies for enforcement by In-lined Reference Monitors. Two case studies are presented that demonstrate how this language can be used to effectively enforce application-specific security policies for untrusted Java applications in the absence of source code.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2009 IEEE International Conference on Intelligence and Security Informatics

自引率

0.00%

发文量

期刊最新文献

Social network classification incorporating link type values Weaving ontologies to support digital forensic analysis Building a better password: The role of cognitive load in information security training Web opinions analysis with scalable distance-based clustering A Higher Order Collective Classifier for detecting and classifying network events