CT-ISG: Collaborative Research: Trustworthy Enforcement of Domain-Independent Run-Time Policies

CT-ISG：协作研究：域独立运行时策略的可信执行

• 批准号: 0716216
• 负责人: Ljudevit Bauer
• 金额: --
• 依托单位: Carnegie-Mellon University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2007
• 资助国家: 美国
• 起止时间: 2007-08-01 至 2010-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0716216&HistoricalAwards=false
• 关键词: CT; ISG; Collaborative; Research; Trustworthy

CT-ISG: Collaborative Research: Trustworthy Enforcementof Domain-independent Run-time PoliciesAbstractRun-time monitors are a common and pervasive mechanism for ensuring that software andsystems adhere to security policies. Anti-virus and anti-spyware programs, personal firewalls,intrusion-detection tools, Java's stack inspection, and even mechanisms that trap operatingsystemexceptions in order to show a ?blue screen of death? can all be thought of as run-timemonitors. Although they differ greatly in their complexity and scope of policies that they canenforce, these mechanisms all observe the behavior of a running system and detect and reactto potentially dangerous events. Despite the pervasiveness and real-world importance of runtimemonitors, their use has far outpaced theoretical work that makes it possible to rigorouslyreason about monitors and the policies that they enforce, particularly in distributed settings.This project develops models, tools, and mechanisms for reasoning about and implementingdistributed, concurrently executing run-time monitors. The research adopts a holistic,four-prong approach that spans the breadth of the space between theoretical models andpractical systems for enforcing run-time policies. Specifically, this project (1) creates aframework for reasoning about enforcement that permits the possibilities of concurrent, distributedcomputations; (2) develops a type-safe policy-specification language that ensuresthat specified policies compile into well-behaved monitoring mechanisms; (3) designs trustworthyalgorithms for automatically translating a desired overall policy into node-specificpolicies that can be distributed and enforced throughout a network; and (4) designs, implements,and tests a prototype system for specifying and enforcing run-time policies withsupport for concurrently executing computations. Taken together, these research tasks enableformal modeling and automatic enforcement of run-time security policies in concurrentand distributed settings.

CT-ISG：协作研究：与域无关的运行时策略执行可信赖的执法是一种常见且普遍存在的机制，可确保软件和系统遵守安全策略。防病毒和反间谍软件程序，个人防火墙，入侵检测工具，Java的堆栈检查，甚至是捕获操作策略的机制，以便显示出死亡的蓝屏？都可以将所有人都视为运行式式timemonitors。尽管它们的复杂性和政策范围差异很大，但这些机制都观察到了运行系统的行为，并检测并反应了潜在的危险事件。尽管RuntimeMonItors具有普遍性和现实世界的重要性，但它们的使用远远超过了理论工作，这使得对监视器的严格性及其执行的政策有可能，尤其是在分布式设置中。该项目开发了模型，工具和机制，以进行有关和实施跑步的跑步时间，并稳定地执行跑步时间。该研究采用了一种整体，四个统计的方法，涵盖了实施运行时策略的理论模型和实践系统之间空间的广度。具体而言，该项目（1）为允许并发，分布式计算的可能性进行推理创建了AFRAMEWORK； （2）开发了一种类型安全的政策规范式语言，该语言将确定的政策汇编成良好的监控机制； （3）设计可自动将所需的总体策略转化为节点特异性的TrustWorthyalgorithms，这些策略可以在整个网络中分布和执行； （4）设计，实施和测试一个原型系统，用于通过同时执行计算的支持来指定和执行运行时策略。综上所述，这些研究任务实现了在Consurrent和分布式设置中对运行时安全策略的自动执行。