Policy enforcers are sophisticated runtime components that can prevent failures by enforcing the correct behavior of the software. While a single enforcer can be easily designed focusing only on the behavior of the application that must be monitored, the effect of multiple enforcers that enforce different policies might be hard to predict. So far, mechanisms to resolve interferences between enforcers have been based on priority mechanisms and heuristics. Although these methods provide a mechanism to take decisions when multiple enforcers try to affect the execution at a same time, they do not guarantee the lack of interference on the global behavior of the system. In this paper we present a verification strategy that can be exploited to discover interferences between sets of enforcers and thus safely identify a-priori the enforcers that can co-exist at run-time. In our evaluation, we experimented our verification method with several policy enforcers for Android and discovered some incompatibilities.

Riganelli, O., Micucci, D., Mariani, L., Falcone, Y. (2017). Verifying policy enforcers. In Runtime Verification (pp.241-258). Springer Verlag [10.1007/978-3-319-67531-2_15].

Verifying policy enforcers

Riganelli, O
;
Micucci, D;Mariani, L;
2017

Abstract

Policy enforcers are sophisticated runtime components that can prevent failures by enforcing the correct behavior of the software. While a single enforcer can be easily designed focusing only on the behavior of the application that must be monitored, the effect of multiple enforcers that enforce different policies might be hard to predict. So far, mechanisms to resolve interferences between enforcers have been based on priority mechanisms and heuristics. Although these methods provide a mechanism to take decisions when multiple enforcers try to affect the execution at a same time, they do not guarantee the lack of interference on the global behavior of the system. In this paper we present a verification strategy that can be exploited to discover interferences between sets of enforcers and thus safely identify a-priori the enforcers that can co-exist at run-time. In our evaluation, we experimented our verification method with several policy enforcers for Android and discovered some incompatibilities.
paper
Proactive library, Self-healing, Android, Resource usage, API, Policy enforcement, Runtime enforcement
English
International Conference on Runtime Verification, RV 2017
2017
Runtime Verification
9783319675305
2017
10548
241
258
none
Riganelli, O., Micucci, D., Mariani, L., Falcone, Y. (2017). Verifying policy enforcers. In Runtime Verification (pp.241-258). Springer Verlag [10.1007/978-3-319-67531-2_15].
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/10281/182558
Citazioni
  • Scopus 12
  • ???jsp.display-item.citation.isi??? 4
Social impact