Abstract
Runtime security policy enforcement systems are crucial to limit the risks associated with running untrustworthy (malicious or buggy) code. The inlined reference monitor approach to policy enforcement, pioneered by Erlingsson and Schneider, implements runtime enforcement through program rewriting: security checks are inserted inside untrusted programs.
Ensuring complete mediation – the guarantee that every security-relevant event is actually intercepted by the monitor – is non-trivial when the program rewriter operates on an object-oriented intermediate language with state-of-the-art features such as virtual methods and delegates.
This paper proposes a caller-side rewriting algorithm for MSIL – the bytecode of the .NET virtual machine – where security checks are inserted around calls to security-relevant methods. We prove that this algorithm achieves sound and complete mediation and transparency for a simplified model of MSIL, and we report on our experiences with the implementation of the algorithm for full MSIL.
© 2008 Springer-Verlag Berlin Heidelberg
Vanoverberghe, D., Piessens, F. (2008). A Caller-Side Inline Reference Monitor for an Object-Oriented Intermediate Language. In: Barthe, G., de Boer, F.S. (eds) Formal Methods for Open Object-Based Distributed Systems. FMOODS 2008. Lecture Notes in Computer Science, vol 5051. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-68863-1_15
DOI: https://doi.org/10.1007/978-3-540-68863-1_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-68862-4
Online ISBN: 978-3-540-68863-1