CT-ISG: Collaborative Research: Trustworthy Enforcement of Domain-independent Run-time Policies

CT-ISG：协作研究：域独立运行时策略的可信执行

• 批准号: 0716343
• 负责人: Jay Ligatti
• 金额: $ 30万
• 依托单位: University of South Florida
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2007
• 资助国家: 美国
• 起止时间: 2007-08-01 至 2011-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0716343&HistoricalAwards=false
• 关键词: CT; ISG; Collaborative; Research; Trustworthy

CT-ISG: Collaborative Research: Trustworthy Enforcementof Domain-independent Run-time PoliciesAbstractRun-time monitors are a common and pervasive mechanism for ensuring that software andsystems adhere to security policies. Anti-virus and anti-spyware programs, personal firewalls,intrusion-detection tools, Java's stack inspection, and even mechanisms that trap operatingsystemexceptions in order to show a ?blue screen of death? can all be thought of as run-timemonitors. Although they differ greatly in their complexity and scope of policies that they canenforce, these mechanisms all observe the behavior of a running system and detect and reactto potentially dangerous events. Despite the pervasiveness and real-world importance of runtimemonitors, their use has far outpaced theoretical work that makes it possible to rigorouslyreason about monitors and the policies that they enforce, particularly in distributed settings.This project develops models, tools, and mechanisms for reasoning about and implementingdistributed, concurrently executing run-time monitors. The research adopts a holistic,four-prong approach that spans the breadth of the space between theoretical models andpractical systems for enforcing run-time policies. Specifically, this project (1) creates aframework for reasoning about enforcement that permits the possibilities of concurrent, distributedcomputations; (2) develops a type-safe policy-specification language that ensuresthat specified policies compile into well-behaved monitoring mechanisms; (3) designs trustworthyalgorithms for automatically translating a desired overall policy into node-specificpolicies that can be distributed and enforced throughout a network; and (4) designs, implements,and tests a prototype system for specifying and enforcing run-time policies withsupport for concurrently executing computations. Taken together, these research tasks enableformal modeling and automatic enforcement of run-time security policies in concurrentand distributed settings.

CT-ISG：合作研究：独立于域的运行时策略的可信执行摘要运行时监视器是一种常见的和普遍的机制，用于确保软件和系统遵守安全策略。反病毒和反间谍软件程序，个人防火墙，入侵检测工具，Java的堆栈检查，甚至是捕获操作系统异常以显示异常的机制。蓝屏死亡？都可以看作是运行时间监视器。尽管它们在复杂性和可执行的策略范围上有很大的不同，但这些机制都观察运行系统的行为，并检测和应对潜在的危险事件。尽管运行时间监视器在现实世界中非常普遍和重要，但它们的使用已经远远超过了理论工作，这使得严格推理监视器及其执行的策略成为可能，特别是在分布式设置中。该项目开发模型、工具和机制，用于推理和实现分布式、并发执行的运行时监视器。该研究采用了一个整体的，四管齐下的方法，跨越了理论模型和实际系统之间的空间宽度，用于执行运行时策略。具体地说，本项目（1）建立了一个推理执行的框架，允许并发的分布式计算的可能性;（2）开发了一种类型安全的策略规范语言，确保指定的策略编译成行为良好的监控机制;（3）设计了值得信赖的算法，用于自动将所需的总体策略转换为可以在整个网络中分布和执行的节点特定的策略;以及（4）设计、实现和测试用于指定和实施支持并发执行计算的运行时策略的原型系统。总之，这些研究任务使正式建模和自动执行的运行时安全策略在concurrentand分布式设置。