计算机科学 ›› 2016, Vol. 43 ›› Issue (Z11): 352-354.doi: 10.11896/j.issn.1002-137X.2016.11A.081
朱浩,陈建平,金丽
ZHU Hao, CHEN Jian-ping and JIN Li
摘要: 降密策略的静态实施机制存在限制性过强的缺陷,基于虚拟机的动态监控机制不能完全适合Web和即时编译环境。为此,基于内联引用监控方法,实施了基于内容和地点维度的二维降密策略。提出了内联引用监控方法的程序变形规则,并证明了该方法的可靠性;根据该程序变形规则,将源程序进行变形重写,生成一个新的程序,它能脱离外部监控环境,实现自我监控。
[1] Goguen J A,Meseguer J.Security policies and security models [C]∥Proceedings of IEEE Symposium on Security and Privacy.1982:11-20 [2] Focardi R,Gorrieri R,Martinelli F.Non Interference for the Analysis of Cryptographic Protocols[C]∥International Colloquium on Automata Languages and Programming.Springer-Verlag,2000:354-372 [3] Sabelfeld A,Sands D.Declassification:dimensions and principles[J].Journal of Computer Security,2009,7(5):517-548 [4] Sabelfeld A,Russo A.From Dynamic to Static and Back:Riding the Roller Coaster of Information-Flow Control Research [C]∥Proceedings of 7th International Andrei Ershov Memorial Conference.2009:352-365 [5] Askarov A,Myers A.A semantic framework for declassification and endorsement[C]∥Programming Languages and Systems,Lecture Notes in Computer Science.2010:64-84 [6] Zhu H,Zhuang Y,Chen X.Information Declassification forMulti-Threaded Programs[J].Applied Mathematics & Information Sciences,2014,8(4):1911-1916 [7] Chudnov A,Naumann D A.Information flow monitor in-lining [C]∥Proceedings of IEEE Symposium on Computer Security Foundations.2010:200-214 [8] Magazinius J,Russo A,Sabelfeld A.On-the-fly inlining of dy-namic security monitors[J].Computers& Security,2012,31(7):827-843 [9] Sridhar M,Hamlen K W.Flexible in-lined reference monitorcertification:Challenges and future directions[C]∥Proceedings of ACM Workshop on Programming Languages Meets Program Verification.2011:55-60 [10] 朱浩,庄毅,薛羽,等.基于内容和地点维度的机密信息降级策略[J].计算机科学,2012,39(8):153-157 [11] 金丽,朱浩.多线程环境中的准降密策略[J].计算机科学,2015,2(12):243-246 |
No related articles found! |
|