LoPSiL: A location-based policy-specification language This paper describes the design of LoPSiL, a language for specifying location-dependent security and privacy policies. Policy- specification languages like LoPSiL are domain-specific programming languages intended to simplify the tasks of specifying and enforcing sound security policies on untrusted (i.e., potentially insecure) software. As far as we are aware, LoPSiL is the first imperative policy-specification language to provide abstractions specifically tailored to location-dependent policies for mobile-device applications. We have implemented a proof-of-concept compiler that inputs a LoPSiL policy P and a mobile-device application program A and outputs a new application program A ’ equivalent to A, except that A ’ contains inlined enforcement code that ensures that A ’ satisfies P at runtime. We report our experiences using this compiler to design and implement several policies for mobile-device applications.
Keywords for this software
References in zbMATH (referenced in 5 articles , 1 standard article )
Showing results 1 to 5 of 5.
- Aceto, Luca; Cassar, Ian; Francalanza, Adrian; Ingólfsdóttir, Anna: On runtime enforcement via suppressions (2018)
- Finnis, Joshua; Saigal, Nalin; Iamnitchi, Adriana; Ligatti, Jay: A location-based policy-specification language for mobile devices (2012) ioport
- Khoury, Raphaël; Tawbi, Nadia: Which security policies are enforceable by runtime monitors? A survey (2012)
- Ligatti, Jay; Reddy, Srikar: A theory of runtime enforcement, with results (2010) ioport
- Ligatti, Jay; Rickey, Billy; Saigal, Nalin: LoPSiL: A location-based policy-specification language (2009)