A survey of runtime policy enforcement techniques and implementations

Gheorghe, Gabriela and Crispo, Bruno (2011) A survey of runtime policy enforcement techniques and implementations. UNSPECIFIED.

Download (907Kb) | Preview


    Runtime techniques bring new promises of accuracy and flexibility in enforcing security policies. While static security enforcement was previously studied and classified, this work is the first to survey the state of the art on runtime security enforcement. Our purpose is to encourage a better understanding of limitations and advantages of enforcement techniques and their implementations. We classify techniques by criteria such as abstraction level, enforced policies and security guarantees. We analyse several implementations of each technique, from the point of view of trust model, policy language and performance overhead. Finally, we discuss research issues for further investigation in policy enforcement.

    Item Type: Departmental Technical Report
    Department or Research center: Information Engineering and Computer Science
    Subjects: Q Science > QA Mathematics > QA076 Computer software
    Report Number: DISI-11-477
    Repository staff approval on: 04 Oct 2011

    Actions (login required)

    View Item