Runtime verification using policy-based approach to control information flow

Research output: Contribution to journalArticle

3 Citations (Scopus)

Abstract

Computer systems are monitored to check the performance or verified to check the correctness of the software systems with respect to security properties, such as integrity, availability and confidentiality. The more sensitive the information such as credit card information, military information or personal medical information being processed by the software, the more necessary and important to monitor and control the flow of the sensitive information. Monitoring and controlling untrusted program to ensure the information confidentiality during runtime in an environment, where confidential information is presented, is difficult and unnerving. The issue is how to monitor and control the flow of the confidential information at runtime of untrusted program. In this paper, we present a novel runtime verification approach for monitoring and controlling information flow that supports user interaction with running program.

Original languageEnglish
Pages (from-to)212-230
Number of pages19
JournalInternational Journal of Security and Networks
Volume8
Issue number4
DOIs
Publication statusPublished - 2013

Fingerprint

Monitoring
Computer systems
Availability

Keywords

  • Information flow control
  • Information flow policy
  • Runtime monitoring
  • Runtime verification
  • Security policy

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality

Cite this

Runtime verification using policy-based approach to control information flow. / Sarrab, Mohamed.

In: International Journal of Security and Networks, Vol. 8, No. 4, 2013, p. 212-230.

Research output: Contribution to journalArticle

@article{cf483ea7b5bb4c9ba43fd02bfb359fdd,
title = "Runtime verification using policy-based approach to control information flow",
abstract = "Computer systems are monitored to check the performance or verified to check the correctness of the software systems with respect to security properties, such as integrity, availability and confidentiality. The more sensitive the information such as credit card information, military information or personal medical information being processed by the software, the more necessary and important to monitor and control the flow of the sensitive information. Monitoring and controlling untrusted program to ensure the information confidentiality during runtime in an environment, where confidential information is presented, is difficult and unnerving. The issue is how to monitor and control the flow of the confidential information at runtime of untrusted program. In this paper, we present a novel runtime verification approach for monitoring and controlling information flow that supports user interaction with running program.",
keywords = "Information flow control, Information flow policy, Runtime monitoring, Runtime verification, Security policy",
author = "Mohamed Sarrab",
year = "2013",
doi = "10.1504/IJSN.2013.058153",
language = "English",
volume = "8",
pages = "212--230",
journal = "International Journal of Security and Networks",
issn = "1747-8405",
publisher = "Inderscience Enterprises Ltd",
number = "4",

}

TY - JOUR

T1 - Runtime verification using policy-based approach to control information flow

AU - Sarrab, Mohamed

PY - 2013

Y1 - 2013

N2 - Computer systems are monitored to check the performance or verified to check the correctness of the software systems with respect to security properties, such as integrity, availability and confidentiality. The more sensitive the information such as credit card information, military information or personal medical information being processed by the software, the more necessary and important to monitor and control the flow of the sensitive information. Monitoring and controlling untrusted program to ensure the information confidentiality during runtime in an environment, where confidential information is presented, is difficult and unnerving. The issue is how to monitor and control the flow of the confidential information at runtime of untrusted program. In this paper, we present a novel runtime verification approach for monitoring and controlling information flow that supports user interaction with running program.

AB - Computer systems are monitored to check the performance or verified to check the correctness of the software systems with respect to security properties, such as integrity, availability and confidentiality. The more sensitive the information such as credit card information, military information or personal medical information being processed by the software, the more necessary and important to monitor and control the flow of the sensitive information. Monitoring and controlling untrusted program to ensure the information confidentiality during runtime in an environment, where confidential information is presented, is difficult and unnerving. The issue is how to monitor and control the flow of the confidential information at runtime of untrusted program. In this paper, we present a novel runtime verification approach for monitoring and controlling information flow that supports user interaction with running program.

KW - Information flow control

KW - Information flow policy

KW - Runtime monitoring

KW - Runtime verification

KW - Security policy

UR - http://www.scopus.com/inward/record.url?scp=84890305350&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84890305350&partnerID=8YFLogxK

U2 - 10.1504/IJSN.2013.058153

DO - 10.1504/IJSN.2013.058153

M3 - Article

VL - 8

SP - 212

EP - 230

JO - International Journal of Security and Networks

JF - International Journal of Security and Networks

SN - 1747-8405

IS - 4

ER -