<div class="csl-bib-body">
<div class="csl-entry">Hsu, T.-H., Oliveira Da Costa, A., Wintenberg, A., Bartocci, E., & Bonakdarpour, B. (2025). Gray-box runtime enforcement of hyperproperties. <i>Acta Informatica</i>, <i>62</i>(3), Article 30. https://doi.org/10.1007/s00236-025-00502-1</div>
</div>
-
dc.identifier.issn
0001-5903
-
dc.identifier.uri
http://hdl.handle.net/20.500.12708/218539
-
dc.description.abstract
Enforcement of information-flow policies has been extensively studied by language-based approaches over the past few decades. In this paper, we propose an alternative, novel, general, and effective approach using enforcement of hyperproperties– a powerful formalism for expressing and reasoning about a wide range of information-flow security policies. We study black- vs. gray- vs. white-box enforcement of hyperproperties expressed by nondeterministic finite-word hyperautomata (NFH), where the enforcer has null, some, or complete information about the implementation of the system under scrutiny. Given an NFH, in order to generate a runtime enforcer, we reduce the problem to controller synthesis for hyperproperties and subsequently to the satisfiability problem for quantified Boolean formulas (QBFs). The resulting enforcers are transferable with low-overhead. We conduct a rich set of case studies, including information-flow control for JavaScript code, as well as synthesizing obfuscators for control plants.
en
dc.language.iso
en
-
dc.publisher
SPRINGER
-
dc.relation.ispartof
Acta Informatica
-
dc.subject
Runtime Enforcment
en
dc.subject
Hyperproperties
en
dc.subject
Web Security
en
dc.subject
Information Flow
en
dc.title
Gray-box runtime enforcement of hyperproperties
en
dc.type
Article
en
dc.type
Artikel
de
dc.contributor.affiliation
Michigan State University, United States of America (the)
-
dc.contributor.affiliation
University of Michigan, United States of America (the)
-
dc.contributor.affiliation
University of Michigan, United States of America (the)
-
dc.type.category
Original Research Article
-
tuw.container.volume
62
-
tuw.container.issue
3
-
tuw.journal.peerreviewed
true
-
tuw.peerreviewed
true
-
wb.publication.intCoWork
International Co-publication
-
tuw.researchTopic.id
I2
-
tuw.researchTopic.name
Computer Engineering and Software-Intensive Systems
-
tuw.researchTopic.value
100
-
dcterms.isPartOf.title
Acta Informatica
-
tuw.publication.orgunit
E191-01 - Forschungsbereich Cyber-Physical Systems
-
tuw.publication.orgunit
E056-13 - Fachbereich LogiCS
-
tuw.publication.orgunit
E056-26 - Fachbereich Automated Reasoning
-
tuw.publication.orgunit
E056-17 - Fachbereich Trustworthy Autonomous Cyber-Physical Systems
-
tuw.publisher.doi
10.1007/s00236-025-00502-1
-
dc.date.onlinefirst
2025-08-09
-
dc.identifier.articleid
30
-
dc.identifier.eissn
1432-0525
-
dc.description.numberOfPages
33
-
tuw.author.orcid
0000-0002-6277-2765
-
tuw.author.orcid
0000-0001-7522-5309
-
tuw.author.orcid
0000-0002-8004-6601
-
tuw.author.orcid
0000-0003-1800-5419
-
wb.sci
true
-
wb.sciencebranch
Informatik
-
wb.sciencebranch.oefos
1020
-
wb.sciencebranch.value
100
-
item.openairetype
research article
-
item.openairecristype
http://purl.org/coar/resource_type/c_2df8fbb1
-
item.grantfulltext
none
-
item.languageiso639-1
en
-
item.fulltext
no Fulltext
-
item.cerifentitytype
Publications
-
crisitem.author.dept
Michigan State University
-
crisitem.author.dept
University of Michigan
-
crisitem.author.dept
E191-01 - Forschungsbereich Cyber-Physical Systems
