TINMAN: A Resource Bound Security Checking System for Mobile Code

Resource security pertains to the prevention of unauthorized usage of system resources that may not directly cause corruption or leakage of information. A common breach of resource security is the class of attacks called DoS (Denial of Service) attacks. This paper proposes an architecture called TINMAN whose goal is to efficiently and effectively safeguard resource security for mobile source code written in C. We couple resource usage checks at the programming language level with checks at the run-time system level. This is achieved by generating a resource skeleton from the source code. The resource skeleton abstracts the resource consumption behavior of the program, and it is validated by means of a resource usage certificate derived from proof generation. TINMAN uses resource-usage checking tools to generate the proof obligations required of the resource usage certificate, and it provides full coverage by monitoring at run time any essential property not guaranteed by the certificates. We describe the architecture of TINMAN and give some experimental results from the preliminary TINMAN implementation.
