Where academic tradition
meets the exciting future

Security Monitors for Java Programs with MPL

Ville Leppänen, Jari-Matti Mäkelä, Security Monitors for Java Programs with MPL. International Journal on Information Technologies and Security 4(1), 35–50, 2012.


Security breaches caused by various malicious programs/program fragments can be tackled by either preventing their existence in computer systems or by preventing them to cause any harm. We follow the latter approach by elaborating on the approach to subjugate
executed programs under a security monitor. We have developed Modular Policy Language (MPL) for embedding rule-based security monitors into Java programs. Our monitors can capture and save all kind of information related to monitored program execution and then use that information to prevent unwanted, malicious program behavior. MPL descriptions are translated as AspectJ programs which are woven into bytecode-based Java programs before the execution or when loading bytecode modules
into the execution environment. We provide general advices and describe our experiences of using MPL for constructing security monitors.

BibTeX entry:

  title = {Security Monitors for Java Programs with MPL},
  author = {Leppänen, Ville and Mäkelä, Jari-Matti},
  journal = {International Journal on Information Technologies and Security},
  volume = {4},
  number = {1},
  publisher = {Technical University of Sofia},
  pages = {35–50},
  year = {2012},
  keywords = {rule-based security, runtime monitoring, aspects},

Belongs to TUCS Research Unit(s): Software Development Laboratory (SwDev)

Publication Forum rating of this publication: level 1

Edit publication