scholarly journals Sanctorum: A lightweight security monitor for secure enclaves

2019 ◽  
Author(s):  
Ilia Lebedev ◽  
Kyle Hogan ◽  
Jules Drean ◽  
David Kohlbrenner ◽  
Dayeol Lee ◽  
...  
Keyword(s):  
Security Monitor

scholarly journals Security monitor inlining and certification for multithreaded Java

2014 ◽  
Vol 25 (3) ◽  
pp. 528-565 ◽  
Author(s):  
MADS DAM ◽  
BART JACOBS ◽  
ANDREAS LUNDBLAD ◽  
FRANK PIESSENS
Keyword(s):  
Security Policy ◽  
Security Policies ◽  
Policy Enforcement ◽  
Practical Application ◽  
Aspect Oriented Programming ◽  
Application Security ◽  
Fundamental Limitations ◽  
Java Bytecode ◽  
Verification Problem ◽  
Security Monitor

Security monitor inlining is a technique for security policy enforcement whereby monitor functionality is injected into application code in the style of aspect-oriented programming. The intention is that the injected code enforces compliance with the policy (security), and otherwise interferes with the application as little as possible (conservativity and transparency). Such inliners are said to be correct. For sequential Java-like languages, inlining is well understood, and several provably correct inliners have been proposed. For multithreaded Java one difficulty is the need to maintain a shared monitor state. We show that this problem introduces fundamental limitations in the type of security policies that can be correctly enforced by inlining. A class of race-free policies is identified that precisely characterizes the inlineable policies by showing that inlining of a policy outside this class is either not secure or not transparent, and by exhibiting a concrete inliner for policies inside the class which is secure, conservative and transparent. The inliner is implemented for Java and applied to a number of practical application security policies. Finally, we discuss how certification in the style of proof-carrying code could be supported for inlined programs by using annotations to reduce a potentially complex verification problem for multithreaded Java bytecode to sequential verification of just the inlined code snippets.

Security Monitor Inlining for Multithreaded Java

2009 ◽  
pp. 546-569 ◽  
Author(s):  
Mads Dam ◽  
Bart Jacobs ◽  
Andreas Lundblad ◽  
Frank Piessens
Keyword(s):  
Security Monitor

scholarly journals Centralized real-time logs investigation in virtual data-center

2018 ◽  
Vol 7 (2.7) ◽  
pp. 1
Author(s):  
Gatla Vinay ◽  
T Pavan Kumar
Keyword(s):  
Real Time ◽  
Data Center ◽  
Data Centers ◽  
Main Theme ◽  
Log Files ◽  
File Formats ◽  
Log Management ◽  
Security Monitor ◽  
Virtual Data Center ◽  
Virtual Data

Penetration testing is a specialized security auditing methodology where a tester simulates an attack on a secured system. The main theme of this paper itself reflects how one can collect the massive amount of log files which are generated among virtual datacenters in real time which in turn also posses invisible information with excessive organization value. Such testing usually ranges across all aspects concerned to log management across a number of servers among virtual data centers. In fact, Virtualization limits the costs by reducing the need for physical hardware systems. Instead, require high-end hardware for processing. In the real-time scenario, we usually come across multiple logs among VCenter, ESXi, a VM which is very typical for performing manual analysis with a bit more time-consuming. Instead of configuring secure-ids automatically in a Centralized log management server gains a powerful full insight. Along with using accurate search algorithms, fields searching, which includes title, author, and also content comes out of searching, sorting fields, multiple-index search with merged results simultaneously updates files, with joint results grouping automatically configures few plugs among search engine file formats were effective measures in an investigation. Finally, by using the Flexibility Network Security Monitor, Traffic Investigation, offensive detection, Log Recording, Distributed inquiry with full program's ability can export data to a variety of visualization dashboard which exactly needed for Log Investigations across Virtual Data Centers in real time.

scholarly journals Searching for “Illegal” Junk in the Trunk

2017 ◽  
Vol 20 (1) ◽  
pp. 157-179 ◽  
Author(s):  
Maartje van der Woude ◽  
Jelmer Brouwer
Keyword(s):  
Control Strategies ◽  
Mobile Security ◽  
Border Control ◽  
War On Terrorism ◽  
Large Section ◽  
Global War On Terrorism ◽  
Immigration Control ◽  
Cross Border ◽  
Security Monitor ◽  
Global War

In the wake of the refugee crisis and the global war on terrorism, many European countries are revising their border control strategies. Despite having signed the Schengen Agreement, as a result of which all forms of internal border control within a large section of Europe have been abolished, many countries are exploring the legal possibilities to monitor cross-border mobility. By focusing on the case of the Netherlands, this article aims to assess one of these possibilities: carrying out so-called Schengen proof spot checks in the 20-km zone around the land borders with Belgium and Germany. In this article we aim to examine whether the Dutch Mobile Security Monitor is exercised justly and fairly. We will assess street-level discretionary decision making by officers of the Royal Netherlands Marechaussee, the Dutch border police organization responsible for carrying out the MSM, through the sociolegal lens of the principle of non-misuse of competence also known as détournement de pouvoir. Although the MSM is meant as an instrument of immigration control, based on our extensive qualitative fieldwork this article will show a different picture.

Sign in / Sign up

Export Citation Format

Share Document