# Policy Enforcement with Proactive Libraries

**Authors:** Oliviero Riganelli, Daniela Micucci, and Leonardo Mariani

arXiv: 1703.08005 · 2020-10-14

## TL;DR

This paper introduces proactive libraries that enhance traditional libraries with runtime detection and healing of API misuse, demonstrated effectively within the Android ecosystem with minimal overhead.

## Contribution

It presents the novel concept of proactive libraries capable of detecting and healing API misuses at runtime without modifying original libraries or application code.

## Key findings

- Proactive libraries can automatically detect API misuse.
- They can heal misuses at runtime with minimal performance overhead.
- Effective in Android for resource management issues.

## Abstract

Software libraries implement APIs that deliver reusable functionalities. To correctly use these functionalities, software applications must satisfy certain correctness policies, for instance policies about the order some API methods can be invoked and about the values that can be used for the parameters. If these policies are violated, applications may produce misbehaviors and failures at runtime. Although this problem is general, applications that incorrectly use API methods are more frequent in certain contexts. For instance, Android provides a rich and rapidly evolving set of APIs that might be used incorrectly by app developers who often implement and publish faulty apps in the marketplaces. To mitigate this problem, we introduce the novel notion of proactive library, which augments classic libraries with the capability of proactively detecting and healing misuses at run- time. Proactive libraries blend libraries with multiple proactive modules that collect data, check the correctness policies of the libraries, and heal executions as soon as the violation of a correctness policy is detected. The proactive modules can be activated or deactivated at runtime by the users and can be implemented without requiring any change to the original library and any knowledge about the applications that may use the library. We evaluated proactive libraries in the context of the Android ecosystem. Results show that proactive libraries can automati- cally overcome several problems related to bad resource usage at the cost of a small overhead.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1703.08005/full.md

## Figures

1 figure with captions in the complete paper: https://tomesphere.com/paper/1703.08005/full.md

---
Source: https://tomesphere.com/paper/1703.08005