Dynamic enforcement of decentralized security policies
Licentiate thesis, 2011

This thesis explores defining security policies in a decentralized setting and dynamic methods of enforcing such policies. In a decentralized setting, principals are free to trust or distrust other principals. The key challenge is to provide possibilities for expressing and enforcing expressive decentralized policies. With foundation in security lattices, we develop a framework for decentralized policies for both confidentiality and declassification. The framework for describing policies takes into account the security policy of all involved principals. To enforce these policies in a highly dynamic setting, such as a web mashup, the thesis proposes a series of monitoring techniques. In particular, we investigate inlining of security monitors, a task which is made more complicated by dynamic code evluation fetures. We consider monitors executing in an environment under the influence of an attacker, identifying both attacks and how they are mitigated through use of defensive programming patterns.

dynamic

enforcement

security

policies

decentralized

EB
Opponent: Dr. Martin Johns

Author

Jonas Magazinius

Chalmers, Computer Science and Engineering (Chalmers), Software Technology (Chalmers)

Safe Wrappers and Sane Policies for Self Protecting JavaScript

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),; Vol. 7127(2012)p. 239-255

Paper in proceeding

On-the-fly inlining of dynamic security monitors

IFIP Advances in Information and Communication Technology,; Vol. 330(2010)p. 173-186

Paper in proceeding

A lattice-based approach to mashup security

5th ACM Symposium on Information, Computer and Communication Security, ASIACCS 2010; Beijing; 13 April 2010 through 16 April 2010,; (2010)p. 15-23

Paper in proceeding

Areas of Advance

Information and Communication Technology

Subject Categories

Software Engineering

Technical report L - Department of Computer Science and Engineering, Chalmers University of Technology and Göteborg University: 1652

EB

Opponent: Dr. Martin Johns

More information

Created

10/7/2017