The authors are interested in the characterization of policies which are enforced by execution monitoring mechanisms with an extra structure that is an extension of Schneider's enforcement mechanism. This paper is a starting point for continuing in this area. We use an emulator as the extra structure, which emulates the behavior of a system by running a subsequence from an interleaved state sequence of processes, in order to detect several covert channels at run time. We then define a security automaton for this extended mechanism and show a class of properties which is enforced by the security automaton. Further, our mechanism can enforce information flow policies, which are specified by system developers, under an information flow property to be defined for the aim of this study. We show that the information flow property include O'Halloran's noninference. In the last of this paper, we give a simple example for the policy and an outline of our mechanism.
各種検索
サポート
ヘルプ