Title: Security enforcement aware software development
Authors: Vanoverberghe, Dries ×
Piessens, Frank #
Issue Date: 2009
Series Title: Information and software technology vol:51 issue:7 pages:1172-1189
Abstract: In the domain of security policy enforcement, the concerns of application developers are almost completely ignored. As a consequence, it is hard to develop useful and reliable applications that will function properly under a variety of policies. This paper addresses this issue for application security policies specified as security automata, and enforced through run-time monitoring. Our solution consists of three elements: the definition of an abstract interface to the policy that is being enforced, a sound construct to query that policy, and a static verification algorithm that guarantees absence of security policy violations in critical blocks of code.
ISSN: 0950-5849
Publication status: published
KU Leuven publication type: IT
Appears in Collections:Informatics Section
× corresponding author
# (joint) last author

Files in This Item:
File Description Status SizeFormat
main.pdfMain article Published 287KbAdobe PDFView/Open


All items in Lirias are protected by copyright, with all rights reserved.

© Web of science