Skip to Main content Skip to Navigation
Conference papers

Verifying Policy Enforcers

Abstract : Policy enforcers are sophisticated runtime components that can prevent failures by enforcing the correct behavior of the software. While a single enforcer can be easily designed focusing only on the behavior of the application that must be monitored, the effect of multiple enforcers that enforce different policies might be hard to predict. So far, mechanisms to resolve interferences between enforcers have been based on priority mechanisms and heuristics. Although these methods provide a mechanism to take decisions when multiple enforcers try to affect the execution at a same time, they do not guarantee the lack of interference on the global behavior of the system. In this paper we present a verification strategy that can be exploited to discover interferences between sets of enforcers and thus safely identify a-priori the enforcers that can co-exist at run-time. In our evaluation, we experimented our verification method with several policy enforcers for Android and discovered some incompatibilities.
Complete list of metadata

Cited literature [33 references]  Display  Hide  Download
Contributor : Yliès Falcone Connect in order to contact the contributor
Submitted on : Saturday, December 2, 2017 - 11:59:17 AM
Last modification on : Wednesday, July 6, 2022 - 4:16:19 AM
Long-term archiving on: : Saturday, March 3, 2018 - 12:36:21 PM


Files produced by the author(s)


  • HAL Id : hal-01653894, version 1


Oliviero Riganelli, Daniela Micucci, Leonardo Mariani, Yliès Falcone. Verifying Policy Enforcers. RV 2017 - 17th International Conference on Runtime Verification, Sep 2017, Seattle, United States. ⟨hal-01653894⟩



Record views


Files downloads