A modular pipeline for enforcement of security properties at runtime
Authors: Rania Taleb, Sylvain Hallé, Raphaël Khoury
DOI: 10.1007/s12243-023-00952-z
Journal: Annals of Telecommunications, vol. 78, no. 7-8, pp. 429-457 (impact factor 1.8; JCR Q3, Telecommunications)
Publication date: 2023-04-17 (journal article)
Article page: https://link.springer.com/article/10.1007/s12243-023-00952-z
PDF: https://link.springer.com/content/pdf/10.1007/s12243-023-00952-z.pdf
Subject category: Computer Science
Citation count (Semantic Scholar): 1
Runtime enforcement ensures that a program respects a user-specified security policy by providing a valid replacement for any misbehaving sequence of events that may occur during that program’s execution. However, depending on the capabilities of the enforcement mechanism, multiple possible replacement sequences may be available, and the current literature is silent on the question of how to choose the optimal one. Furthermore, the current design of runtime monitors imposes a substantial burden on the designer, since the entirety of the monitoring task is accomplished by a monolithic construct, usually an automata-based model. In this paper, we propose a new modular model of enforcement monitors, in which the tasks of altering the execution, ensuring compliance with the security policy, and selecting the optimal replacement are split into three separate modules, which simplifies the creation of runtime monitors. We implement this approach using the event stream processor BeepBeep, and a use case is presented. Experimental evaluation shows that our proposed framework can dynamically select adequate enforcement actions at runtime, without the need to manually define an enforcement monitor.
Journal description:
Annals of Telecommunications is an international journal publishing original peer-reviewed papers in the field of telecommunications. It covers all the essential branches of modern telecommunications, ranging from digital communications to communication networks and the internet, to software, protocols and services, uses and economics. This broad spectrum of topics reflects the rapid convergence, through telecommunications, of the underlying technologies in computers, communications and content management towards the emergence of the information and knowledge society. As a consequence, the Journal provides a medium for exchanging research results and technological achievements accomplished by the European and international scientific community from academia and industry.