Hostname: page-component-586b7cd67f-t7czq Total loading time: 0 Render date: 2024-12-02T21:25:19.992Z Has data issue: false hasContentIssue false

Program specialization for execution monitoring

Published online by Cambridge University Press:  13 May 2003

PETER THIEMANN
Affiliation:
Institut für Informatik, Universitát Freiburg, Georges-Köhler-Allee 079, D-79110 Freiburg i.Br., Germany (e-mail: [email protected])
Rights & Permissions [Opens in a new window]

Abstract

Core share and HTML view are not available for this content. However, as you have access to this content, a full PDF is available via the ‘Save PDF’ action button.

Execution monitoring is a proven tool for securing program execution and to enforce safety properties on applets and mobile code, in particular. Inlining monitoring tools perform their task by inserting certain run-time checks into the monitored application before executing it. For efficiency reasons, they attempt to insert as few checks as possible using techniques ranging from simple ad hoc optimizations to theorem proving. Partial evaluation is a powerful tool for specifying and implementing program transformations. The present work demonstrates that standard partial evaluation techniques are sufficient to transform an interpreter equipped with monitoring code into a non-standard compiler. This compiler generates application code, which contains the inlined monitoring code. If the monitor is enforcing a security policy, then the result is a secured application code. If the policy is defined using a security automaton, then the transformation can elide many run-time checks by using abstract interpretation. Our approach relies on proper staging of the monitoring interpreter. The transformation runs in linear time, produces code linear in the size of the original program, and is guaranteed not to duplicate incoming code.

Type
Research Article
Copyright
© 2003 Cambridge University Press
Submit a response

Discussions

No Discussions have been published for this article.