Trusted Enforcement of Application-specific Security Policies
Marius Schlegel
2021
Abstract
While there have been approaches for integrating security policies into operating systems (OSs) for more than two decades, applications often use objects of higher abstraction requiring individual security policies with application-specific semantics. Due to insufficient OS support, current approaches for enforcing application-level policies typically lead to large and complex trusted computing bases rendering tamperproofness and correctness difficult to achieve. To mitigate this problem, we propose the application-level policy enforcement architecture APPSPEAR and a C++ framework for its implementation. The configurable framework enables developers to balance enforcement rigor and costs imposed by different implementation alternatives and to easily tailor an APPSPEAR implementation to individual application requirements. We argue that hardware-based trusted execution environments offer an optimal balance between effectiveness and efficiency of policy protection and enforcement. This claim is substantiated by a practical evaluation based on a medical record system.
DownloadPaper Citation
in Harvard Style
Schlegel M. (2021). Trusted Enforcement of Application-specific Security Policies. In Proceedings of the 18th International Conference on Security and Cryptography - Volume 1: SECRYPT, ISBN 978-989-758-524-1, pages 343-355. DOI: 10.5220/0010579703430355
in Bibtex Style
@conference{secrypt21,
author={Marius Schlegel},
title={Trusted Enforcement of Application-specific Security Policies},
booktitle={Proceedings of the 18th International Conference on Security and Cryptography - Volume 1: SECRYPT,},
year={2021},
pages={343-355},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010579703430355},
isbn={978-989-758-524-1},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 18th International Conference on Security and Cryptography - Volume 1: SECRYPT,
TI - Trusted Enforcement of Application-specific Security Policies
SN - 978-989-758-524-1
AU - Schlegel M.
PY - 2021
SP - 343
EP - 355
DO - 10.5220/0010579703430355