Nowadays, users entrust applications with an increasing amount of sensitive data, such as contacts, account data, and pictures. Malicious or faulty applications processing this data can cause substantial harm to users' information security and privacy. Proper mechanisms should therefore be in place to make applications comply with users' security requirements. Dynamic enforcement is a technique for achieving this by observing an application's runtime behavior and applying suitable countermeasures when necessary. Of particular relevance for today's information security are distributed applications like online social networks and cloud storage. Dynamic enforcement for distributed applications like these is the focus of this lab course.
In this lab, students get hands-on experience in implementing, applying, and evaluating dynamic enforcement mechanisms.
Last modified on 24 April 2013.