Computer Science ›› 2016, Vol. 43 ›› Issue (Z11): 352-354.doi: 10.11896/j.issn.1002-137X.2016.11A.081

Previous Articles     Next Articles

In-lined Reference Monitor Method of Two-dimension Information Release Policy

ZHU Hao, CHEN Jian-ping and JIN Li   

  • Online:2018-12-01 Published:2018-12-01

Abstract: The static enforcement methods of declassification policies are over-restrictive.Dynamic approaches based on virtual machines are not suited to Web and just-in-time compiling environments completely.To this end,a two-dimension declassification policy based on the dimension of WHAT and WHERE was enforced by in-lined reference monitor method.The transformation rules of in-lined reference monitor method were presented,and the soundness of the rules was proved.According to transformation rules of the program,the source program is transformed and rewritten to a new program,which is independent of external monitoring environments and can be self-monitored.

Key words: Information release policy,Monitor,In-lined reference,Non-interference

[1] Goguen J A,Meseguer J.Security policies and security models [C]∥Proceedings of IEEE Symposium on Security and Privacy.1982:11-20
[2] Focardi R,Gorrieri R,Martinelli F.Non Interference for the Analysis of Cryptographic Protocols[C]∥International Colloquium on Automata Languages and Programming.Springer-Verlag,2000:354-372
[3] Sabelfeld A,Sands D.Declassification:dimensions and principles[J].Journal of Computer Security,2009,7(5):517-548
[4] Sabelfeld A,Russo A.From Dynamic to Static and Back:Riding the Roller Coaster of Information-Flow Control Research [C]∥Proceedings of 7th International Andrei Ershov Memorial Conference.2009:352-365
[5] Askarov A,Myers A.A semantic framework for declassification and endorsement[C]∥Programming Languages and Systems,Lecture Notes in Computer Science.2010:64-84
[6] Zhu H,Zhuang Y,Chen X.Information Declassification forMulti-Threaded Programs[J].Applied Mathematics & Information Sciences,2014,8(4):1911-1916
[7] Chudnov A,Naumann D A.Information flow monitor in-lining [C]∥Proceedings of IEEE Symposium on Computer Security Foundations.2010:200-214
[8] Magazinius J,Russo A,Sabelfeld A.On-the-fly inlining of dy-namic security monitors[J].Computers& Security,2012,31(7):827-843
[9] Sridhar M,Hamlen K W.Flexible in-lined reference monitorcertification:Challenges and future directions[C]∥Proceedings of ACM Workshop on Programming Languages Meets Program Verification.2011:55-60
[10] 朱浩,庄毅,薛羽,等.基于内容和地点维度的机密信息降级策略[J].计算机科学,2012,39(8):153-157
[11] 金丽,朱浩.多线程环境中的准降密策略[J].计算机科学,2015,2(12):243-246

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!