Enforceable Security Policies Revisited
- 1 June 2013
- journal article
- research article
- Published by Association for Computing Machinery (ACM) in ACM Transactions on Information and System Security
- Vol. 16 (1), 1-26
- https://doi.org/10.1145/2487222.2487225
Abstract
We revisit Schneider’s work on policy enforcement by execution monitoring. We overcome limitations of Schneider’s setting by distinguishing between system actions that are controllable by an enforcement mechanism and those actions that are only observable, that is, the enforcement mechanism sees them but cannot prevent their execution. For this refined setting, we give necessary and sufficient conditions on when a security policy is enforceable. To state these conditions, we generalize the standard notion of safety properties. Our classification of system actions also allows one, for example, to reason about the enforceability of policies that involve timing constraints. Furthermore, for different specification languages, we investigate the decision problem of whether a given policy is enforceable. We provide complexity results and show how to synthesize an enforcement mechanism from an enforceable policy.