Presentation is loading. Please wait.

Presentation is loading. Please wait.

KATHOLIEKE UNIVERSITEIT LEUVEN 1 Run time enforcement of security policies on the.NET framework Frank Piessens Joint work with many people including Lieven.

Published byLesley Barrett Modified over 9 years ago

Similar presentations

Presentation on theme: "KATHOLIEKE UNIVERSITEIT LEUVEN 1 Run time enforcement of security policies on the.NET framework Frank Piessens Joint work with many people including Lieven."— Presentation transcript:

1 KATHOLIEKE UNIVERSITEIT LEUVEN 1 Run time enforcement of security policies on the.NET framework Frank Piessens Joint work with many people including Lieven Desmet, Pieter Philippaerts, Dries Vanoverberghe, Fabio Massacci, Katsiaryna Naliuka, Wouter Joosen

2 KATHOLIEKE UNIVERSITEIT LEUVEN Overview Problem statement Policies Enforcement Our implementation for.NET Conclusion 2

3 KATHOLIEKE UNIVERSITEIT LEUVEN Problem Statement How can you run an application and be sure it will not “do any harm”? Existing technologies for running applications under tight control of a security policy fall short: –On desktops/servers: no support for “quota” on resources such as network bandwidth, windows,… –On smartphones / PDA’s: even no support for configurable sandboxing 3

4 KATHOLIEKE UNIVERSITEIT LEUVEN Objective Efficiently enforce flexible security policies on applications running on the.NET framework –Both the full framework and the compact framework –Without modifications to the virtual machine or the system libraries Flexible policies means: –Stateful (e.g. resource quota) –History based (e.g. privacy policies) –Context based (e.g. “only on business hours”) 4

5 KATHOLIEKE UNIVERSITEIT LEUVEN Policies Policies are specified as security automata – Security relevant events of an application are transitions from the application into the platform libraries –Application basically generates traces of such events –Policy is an automaton that specifies the set of acceptable traces, possibly using context info Example automaton: –“no send after read” 5

6 KATHOLIEKE UNIVERSITEIT LEUVEN The CONSPEC policy language 6 SCOPE Session SECURITY STATE int activeConnections = 0; int maxConnections = 2; BEFORE System.Net.Sockets.Socket.Connect(System.Net.EndPoint) PERFORM activeConnections { } AFTER System.Net.Sockets.Socket.Connect(System.Net.EndPoint) PERFORM true -> { activeConnections++; } (Designed in the European project S3MS)

7 KATHOLIEKE UNIVERSITEIT LEUVEN Enforcement of policies Inline reference monitor: –Rewrite an application to insert additional security checks, in such a way that: –The rewritten application is guaranteed not to violate the policy Existing (research) systems (for Java): –PoET/PSLang –Polymer –… 7

8 KATHOLIEKE UNIVERSITEIT LEUVEN Architecture of our system 8

9 KATHOLIEKE UNIVERSITEIT LEUVEN Implementation Source policies are compiled to Policy Decision Points (PDP) assemblies Applications are rewritten to insert calls to the PDP assembly at each security relevant event The PDP either returns silently or throws a security exception Design and implementation: Pieter Philippaerts, Lieven Desmet and Dries Vanoverberghe 9

10 KATHOLIEKE UNIVERSITEIT LEUVEN 10 Application DLL Rewriting at load time Monitored Application DLL Policy DLL Security events.NET Common Language Runtime

11 KATHOLIEKE UNIVERSITEIT LEUVEN Status of the prototype This is ongoing research in the context of Sobenet and the European project Security of Software and Services for Mobile Systems (S3MS) Both a smartphone based system and a desktop based system is operational –With some limitations A visualization of policy state was implemented as part of Johan Moons’ master thesis 11

12 KATHOLIEKE UNIVERSITEIT LEUVEN 12

13 KATHOLIEKE UNIVERSITEIT LEUVEN 13

14 KATHOLIEKE UNIVERSITEIT LEUVEN 14

15 KATHOLIEKE UNIVERSITEIT LEUVEN Conclusion Security automata are a powerful foundation for access control –Proven to be “complete” in some sense: anything you can enforce can be specified as a security automaton Inline reference monitors are feasible on real-life applications 15

Download ppt "KATHOLIEKE UNIVERSITEIT LEUVEN 1 Run time enforcement of security policies on the.NET framework Frank Piessens Joint work with many people including Lieven."

Similar presentations

An Adaptive Policy-Based Framework for Network Service Management Leonidas Lymberopoulos Emil Lupu Morris Sloman Department of Computing Imperial College.

An Adaptive Policy-Based Framework for Network Service Management Leonidas Lymberopoulos Emil Lupu Morris Sloman Department of Computing Imperial College.
A Usage-based Authorization Framework for Collaborative Computing Systems Xinwen Zhang George Mason University Masayuki Nakae NEC Corporation Michael J.

A Usage-based Authorization Framework for Collaborative Computing Systems Xinwen Zhang George Mason University Masayuki Nakae NEC Corporation Michael J.
An Overview Of Virtual Machine Architectures Ross Rosemark.

An Overview Of Virtual Machine Architectures Ross Rosemark.
A Survey of Runtime Verification Jonathan Amir 2004.

A Survey of Runtime Verification Jonathan Amir 2004.
C++ Programming Languages

C++ Programming Languages
Containment and Integrity for Mobile Code Status Report to DARPA ISO: Feb. 2000 Fred B. Schneider Andrew Myers Department of Computer Science Cornell University.

Containment and Integrity for Mobile Code Status Report to DARPA ISO: Feb Fred B. Schneider Andrew Myers Department of Computer Science Cornell University.
KATHOLIEKE UNIVERSITEIT LEUVEN 1Secure Software - (C) 2002-2005 F. Piessens Preventing Software Vulnerabilities by Static Verification and Run Time Checking.

KATHOLIEKE UNIVERSITEIT LEUVEN 1Secure Software - (C) F. Piessens Preventing Software Vulnerabilities by Static Verification and Run Time Checking.
Java Basic Training HaiNH - FQA. Agenda Introduction to Java Java Programming Environment Language Fundamental Object Oriented Programming with Java.

Java Basic Training HaiNH - FQA. Agenda Introduction to Java Java Programming Environment Language Fundamental Object Oriented Programming with Java.
Policy Weaving for Mobile Devices Drew Davidson. Smartphone security is critical – 1200 to 1400 US Army troops to be equipped with Android smartphones.

Policy Weaving for Mobile Devices Drew Davidson. Smartphone security is critical – 1200 to 1400 US Army troops to be equipped with Android smartphones.
ECE 720T5 Fall 2012 Cyber-Physical Systems Rodolfo Pellizzoni.

ECE 720T5 Fall 2012 Cyber-Physical Systems Rodolfo Pellizzoni.
ActionScript In-lined Reference Monitoring in Prolog Meera Sridhar and Kevin W. Hamlen The University of Texas at Dallas January 18, 2010 Supported by.

ActionScript In-lined Reference Monitoring in Prolog Meera Sridhar and Kevin W. Hamlen The University of Texas at Dallas January 18, 2010 Supported by.
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
UNDERSTANDING JAVA APIS FOR MOBILE DEVICES v0.01.

UNDERSTANDING JAVA APIS FOR MOBILE DEVICES v0.01.
Reseach in DistriNet (department of computer science, K.U.Leuven) General overview and focus on embedded systems task-force.

Reseach in DistriNet (department of computer science, K.U.Leuven) General overview and focus on embedded systems task-force.
OmniVM Efficient and Language- Independent Mobile Programs Ali-Reza Adl-Tabatabai, Geoff Langdale, Steven Lucco and Robert Wahbe from Carnegie Mellon University.

OmniVM Efficient and Language- Independent Mobile Programs Ali-Reza Adl-Tabatabai, Geoff Langdale, Steven Lucco and Robert Wahbe from Carnegie Mellon University.
A Type System for Expressive Security Policies David Walker Cornell University.

A Type System for Expressive Security Policies David Walker Cornell University.
Bending Binary Programs to your Will Rajeev Barua.

Bending Binary Programs to your Will Rajeev Barua.
Intro to C# Language Richard Della Tezra IS 373. What Is C#? C# is type-safe object-oriented language Enables developers to build a variety of secure.

Intro to C# Language Richard Della Tezra IS 373. What Is C#? C# is type-safe object-oriented language Enables developers to build a variety of secure.
Lecture 1: Overview of Java. What is java? Developed by Sun Microsystems (James Gosling) A general-purpose object-oriented language Based on C/C++ Designed.

Lecture 1: Overview of Java. What is java? Developed by Sun Microsystems (James Gosling) A general-purpose object-oriented language Based on C/C++ Designed.
Phu H. Phung Chalmers University of Technology JSTools’ 12 June 13, 2012, Beijing, China Joint work with Lieven Desmet (KU Leuven)

Phu H. Phung Chalmers University of Technology JSTools’ 12 June 13, 2012, Beijing, China Joint work with Lieven Desmet (KU Leuven)

Similar presentations

Ads by Google