You are here: TUCS > PUBLICATIONS > Publication Search > Experiences with Embedding MPL...
Experiences with Embedding MPL Security Monitors into Java Programs
Jari-Matti Mäkelä, Ville Leppänen, Experiences with Embedding MPL Security Monitors into Java Programs. In: Proceedings of International Conference on Computer Systems and Technologies, CompSysTech'09, 6 pages, 2009.
Abstract:
We have developed Modular Policy Language (MPL) for embedding
rule-based security monitors into Java programs. Our monitors
can capture and save all kind of information related to monitored
program execution and then use that information to prevent unwanted,
malicious program behaviour. MPL descriptions are translated
into AspectJ programs which are woven into bytecode-based Java
programs before the execution or when loading bytecode modules into
the execution environment.
In this paper we describe our experiences of using MPL to decribe
security monitors. Although MPL is much more flexible and powerful than
the basic security mechanism of Java security monitors, we find
that MPL still suffers from certain weaknesses. Some of the weaknesses
are only related to the present version of MPL whereas some are
fundamentally related to program monitoring.
BibTeX entry:
@INPROCEEDINGS{inpMaLe09b,
title = {Experiences with Embedding MPL Security Monitors into Java Programs},
booktitle = {Proceedings of International Conference on Computer Systems and Technologies, CompSysTech'09},
author = {Mäkelä, Jari-Matti and Leppänen, Ville},
pages = {6 pages},
year = {2009},
}
Belongs to TUCS Research Unit(s): Algorithmics and Computational Intelligence Group (ACI)