A Language-Based Approach to Security. Fred B. Schneider, Greg Morrisett, and Robert Harper. Informatics: 10 Years Ahead, 10 Years Back. Conference on the Occasion of Dagstuhl's 10th Anniversary. Springer Verlag Lecture Notes in Computer Science volume 2000.
Language-based security leverages program analysis and program rewriting to
enforce security policies. The approach promises efficient enforcement of
fine-grained access control policies and depends on a trusted computing base
of only modest size. This paper surveys progress and prospects for the area,
giving overviews of in-lined reference monitors, certifying compilers, and
advances in type theory.
The basic approach is that of execution monitoring (EM), which is basically a form of itnerpretation. Indeed, the authors point out that due to universality any monitoring currnetly done in hardware, can be done in software, by the interpreter. The only obstacle is the performance overhead.
The techniques surveyed in the paper deal with this issue.
Posted to general by Ehud Lamm on 1/11/03; 2:51:29 AM