Monitoring Reactive Systems with Dynamic Channels

with Dante Zanarini. PLAS 2014.PDF


Given the increasingly sensitive data that web applications deal with, a lot of attention has been put into their security. Dynamic methods for ensuring confidentiality of secret data, such as monitors, are usually preferred due to their permis- siveness and ability to adapt to dynamic features of web lan- guages. One dynamic approach to confidentiality is through secure multi-execution, a technique which transforms pro- grams into secure ones. A recent refinement of this technique led to a monitor for reactive systems such as web applica- tions which is precise, in the sense that it raises an alarm exactly when a security condition is violated, and transpar- ent, in the sense that the semantics of secure programs is preserved. A limitation of this and other approaches based on secure multi-execution is that there is a fixed set of chan- nels with a fixed security level. However, most web applica- tions create channels dynamically, even by doing something as trivial as adding a button to a page. Moreover, the security level of such new channel would be chosen dynamically. In this work, we overcome the limitation of assuming a fixed set of channels and introduce a model of reactive systems with dynamic channels and present a precise and transparent monitor for it.


  author    = {Zanarini, Dante and Jaskelioff, Mauro},
  year      = {2014},
  title     = {Monitoring Reactive Systems with Dynamic Channels},
  booktitle = {Proceedings of the Ninth Workshop on Programming Languages and Analysis for Security (PLAS@ECOOP 2014), {\rm Uppsala, Sweden}},
  pages     = {66},
  publisher = {{ACM}}, 
  editor    = {Alejandro Russo and Omer Tripp},
  url       = {},
  doi       = {10.1145/2637113.2637120},
  isbn      = {978-1-4503-2862-3}