Fred B. Schneider. Enforceable security policies. Technical report,
Cornell University, 1998.
PDF
Kevin W. Hamlen, Greg Morrisett, and Fred B. Schneider. Computability
Classes for Enforcement Mechanisms. Technical Report: TR2003-1908.
August 2003
PDF
Mahesh Viswanathan. Foundations for the Run-time Analysis of Software
systems. PhD thesis, University of Pennsylvania, December 2000.
PS
Lujo Bauer, Jarred Ligatti, David Walker, More Enforceable Security
Policies, Princeton, 2002.
PDF
Lujo Bauer, Jarred Ligatti, David Walker, A Calculus for composing
Security Policies, Princeton, 2002
PDF
Lujo Bauer, Jarred Ligatti, David Walker, Types and Effects for
Non-interfering Program, Princeton, 2002
PDF
Lujo Bauer, Jarred Ligatti, David Walker, Edit Automata: Enforcement
Mechanisms for Run-time Security Policies, Princeton, 2003
PDF
Lujo Bauer, Jarred Ligatti, David Walker, Composing Security Policies with Polymer, 2005, PDF
Jay Ligatti, Lujo Bauer, and David Walker, Enforcing non-safety security policies with program monitors, In Proceedings of the 10th European Symposium on Research in Computer Security (ESORICS), September 2005,
PDF
David Evans, Andrew Twyman, Flexible Policy-Directed Code Safety,
MIT, 1999
PDF
Peter Thiemann. Enforcing security properties by type specialization.
April 2001.
PS
Thomas Colombet, Pascal Fradet. Enforcing trace properties by program
transformation. January 2000.
PDF
Dexter Kozen. "Language-based security," In M. Kutylowski, L. Pacholski, and T. Wierzbicki, editors, Proc. Conf. Mathematical Foundations of Computer Science (MFCS'99), Lecture Notes in Computer Science v. 1672, Springer-Verlag, September 1999, 284-298. PS
F.B.Schneider, G. Morrisett and R.Harper,
A language-based approach to security. Informatics: 10 Years Back, 10 Years Ahead, Lecture Notes in Computer Science, Vol. 2000, Springer-Verlag, Heidelberg, 86-101. PS
Reference Monitor
Anderson, J.P. (1972). Computer Security Technology Planning Study.
ESD-TR-73-51, Air Force Electronic Systems Division, Hanscom AFB,
Bedford, MA
No electronic document available.
James P. Anderson, Computer Security Threat Monitoring and Surveillance, James P. Anderson Co., Fort Washington, PA (Apr. 1980)
G.S. Graham and P.J. Denning. Protection - Principles and Practice. In
Proc. SJCC, volume 40, pages 417-429, 1972.
M.V. Wilkes and R.M. Needham, editors. The Cambridge CAP computer and
its operating system. Operating and Programming System Series. Elsevier,
North Holland, 1979.
David Walker. A type system for expressive security properties. In the Twenty-Seventh ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 254-267, Boston, MA, USA, January 2000. PS.GZ
Stephen McCamant and Greg Morrisett. Efficient, Verifiable Binary Sandboxing for a CISC Architecture. MIT Laboratory for Computer Science Technical Report 988 (MIT-LCS-TR-988). May 2nd, 2005. PDF
S. Chodrow, F. Jahanian, and M. Donner. RunTime Monitoring of Real-Time Systems, Proc. IEEE Real-Time Systems Symp., pp. 74-83, Dec. 1991. PDF
Ajay Chander, Drew Dean and John Mitchell, A Distributed High Assurance Reference Monitor, Extended Abstract, Proceedings of the 7th Information Security Conference, LNCS 3225, pp. 231-244, Palo Alto, CA, September 2004. PDF
Winfried W. Kuhnhauser, A Paradigm for User-Defined Security Policies, Symposium on Reliable Distributed Systems, 135-144, 1995. PDF
R. Sekar, V. Venkatakrishnan, S. Basu, S. Bhatkar, and D. DuVarney. Model-carrying code: A practical approach for safe execution of untrusted applications. In ACM Symposium on Operating System Principles (SOSP), Bolton Landing, New York, October 2003. PDF
Klaus Havelund and Grigore Rosu, Synthesizing Monitors for Safety Properties, TACAS 2002, PDF
Koushik Sen, Abhay Vardhan, Gul Agha, Grigore Rosu, Efficient Decentralized Monitoring of Safety in Distributed Systems, In Proceedings of 26th International Conference on Software Engineering (ICSE'04), pages 418-427, Edinburgh, UK, May 2004, PDF
Koushik Sen, Grigore Rosu, Gul Agha, Generating Optimal Linear Temporal Logic Monitors by Coinduction, In Proceedings of 8th Asian Computing Science Conference (ASIAN'03) (To appear in LNCS), December 2003 PDF
Feng Chen and Grigore Rosu, Java-MOP: A Monitoring Oriented Programming Environment for Java, (TACAS'05),
PDF
Feng Chen, Marcelo d'Amorim and Grigore Rosu, Checking and Correcting Behaviors of Java Programs at Runtime with Java-MOP, Fifth Workshop on
Runtime Verification, 2005, PDF
Inlined Reference Monitors
R. Wahbe, S. Lucco, T.E. Anderson, and S.L. Graham. Efficient
software-based fault isolation. Operating System Review, 27(5), 1993.
PDF
Kevin W. Hamlen, Greg Morrisett, and Fred B. Schneider. Certified In-lined Reference Monitoring on .NET. Submitted for publication. November, 2005,
PDF
U. Erlingsson and F.B. Schneider. IRM enforcement of Java stack
inspection. In Proc. of 2000 IEEE Symposium on Security and Privacy, May
2000.
PS
U. Erlingsson and F.B. Schneider. SASI enforcement of security
policies: A retrospective. In Proc. 1999 New Security Paradigms
Workshop. ACM Press, September 1999.
PDF
U. Erlingsson, The Inlined Reference Monitor Approach to Security Policy Enforcement.
Ph.D. thesis, Technical Report 2003-1916, Department of Computer Science, Cornell University, Ithaca, NY, 2003.
PDF
P. Thiemann. Program specialization for execution monitoring. Journal
of Functional Programming, 13(3):573-600, May 2003. Link to page with PDF
Philip W. L. Fong. Proof Linking: Modular Verification Architecture for Mobile Code Systems. PhD Dissertation, School of Computing Science, Simon Fraser University, Burnaby, BC, Canada V5A 1S6, January 2004. PDF
Raju Pandey, Brant Hashii, Providing fine-grained access control for Java programs via binary editing, Concurrency: Practice and Experience, volume 12, no 14, 1405-1430, 2000 Link to PDF
David Evans, Andrew Twyman, Flexible Policy-Directed Code Safety. In IEEE Symposium on Security and Privacy, May 1999, PDF
Cousot, Cousot, Systematic design of program transformation frameworks by abstract interpretation, Annual Symposium on Principles of Programming Languages,
Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, Portland, Oregon, Pages: 178-190, 2002 Link to ACM
Jarle Hulaas, Walter Binder, Program transformations for portable CPU accounting and control in Java, 2004 Link to PDF
Venkatakrishnan, V. N., Peri, R., and Sekar, R. 2002. Empowering mobile code using expressive security policies. In Proceedings of the 2002 Workshop on New Security Paradigms Link to PDF
Sirer, E. G. and Wang, K. 2002. An access control language for web services. In Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies, Link to PDF
Klaus Havelund, Grigore Rosu, Proceedings, International Conference on Automated Software Engineering (ASE'01), 2001, PDF
Monitors for debuggers
Amir Kishon, Paul Hudak, Charles Consel, Monitoring Semantics: A
Formal Framework for Specifying, Implementing, and Reasoning about
Execution Monitors, Yale University, 1991 Link to ACM
Application Dependent and Special Purpose Policies
Grimm, R. and Bershad, B. N. 1999. Providing policy-neutral and transparent access control in extensible systems. In Secure internet Programming: Security Issues For Mobile and Distributed Objects, J. Vitek and C. D. Jensen, Eds. Lecture Notes In Computer Science. Springer-Verlag, London, 317-338. PDF
Jajodia, S., Samarati, P., and Subrahmanian, V. S. 1997. A Logical Language for Expressing Authorizations. In Proceedings of the 1997 IEEE Symposium on Security and Privacy (May 04 - 07, 1997). SP. IEEE Computer Society, Washington, DC, 31. Link to PDF
Woo, T.Y.C., Lam, S.S., Authorization in Distributed Systems: A Formal Approach,
Proceedings of IEEE Computer Society Symposium on Research in Security and Privacy, 1992, 33-50, PS
Stack Inspection
Wallach, D.S.; Felten, E.W., "Understanding Java stack inspection", Security and Privacy, 1998. Proceedings. 1998 IEEE Symposium on, pp. 52-63, 3-6 May 1998, PDF
Massimo Bartoletti, Pierpaolo Degano, Gian Luigi Ferrari, Stack Inspection and Secure Program Transformations, International Journal of Information Security, 2004 PDF
Rewriting
Ian Welch, Robert J. Stroud, Kava - A Reflective Java Based on Bytecode Rewriting, Lecture Notes in Computer Science, Volume 1826, Jan 2000, Page 155, PDF
Aspect Oriented Programming (AOP) & Design by Contract (DBC)
Aspect oriented programming with AspectJ (Mini Tutorial)
html
G. Kiczales, J. Lamping, A. Mendhekar, C. Maeda, C. Lopes, J.-M. Loingtier, and J. Irwin. Aspect-oriented programming. In ECOOP'97 - Object-Oriented Programming, 11th European Conference, LNCS 1241, pages 220-242, 1997
PS
Mike Barnett, K. Rustan M. Leino, and Wolfram Schulte. The Spec# programming system: An overview. In CASSIS 2004, LNCS vol. 3362, Springer, 2004. PDF
Contract enforcement with AOP (Mini Tutorial)
html
D. Walker, S. Zdancewic, and J. Ligatti. A Theory of Aspects. In International Conference on Functional Programming, 2003 PDF