Robert Grabowski: Noninterference with dynamic security domains and policies
Filed under: Oberseminar
01.12.2009 10:15
| What | |
|---|---|
| When | 01.12.2009 from 10:15 to 11:45 |
| Where | Z1.09 (new: L109) |
Language-based information flow analysis is used to statically
examine a program for information flows between objects of different
security domains, and to verify that these flows comply with a given policy.
In certain situations, the objects accessed by a program are
not known until runtime, e.g. when the file to be processed is
chosen by the user. To maintain information flow security,
runtime tests are then required to determine which flows between
these objects are actually allowed.
We present an imperative language with dynamic object choice and
a conditional for information flow tests. We use a type system
to show that the flow tests included in a program are sufficient,
so that the program is secure regardless of the choice of objects.
The analysis is subsequently transferred to unstructured bytecode
programs.
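The following is an added illustration of the idea described in the abstract; it is not the calculus, type system or code of the talk or its author. It models a tiny imperative language whose programs copy data between objects chosen at runtime, where each object carries a security domain that is only known when the program runs. A conditional `IfFlows(src, dst, ...)` performs the runtime flow test, and a static check (playing the role the abstract assigns to the type system) verifies that every copy is guarded by such a test, so that the program respects the policy for every possible choice of objects. The domain lattice, the policy, the syntax and all sample objects are assumptions made here for illustration.

```python
"""
Added example (not the talk's own calculus): runtime flow tests on
dynamically chosen objects, plus a static check that every copy between
objects is guarded by such a test.  Names, lattice and samples are assumed.
"""
from __future__ import annotations
from dataclasses import dataclass
from typing import Union

# Assumed policy: a total order of domains; information may only flow upwards.
LEVELS = {"public": 0, "confidential": 1, "secret": 2}


def flows_to(src_domain: str, dst_domain: str) -> bool:
    """Policy check: may data in src_domain be written into dst_domain?"""
    return LEVELS[src_domain] <= LEVELS[dst_domain]


@dataclass
class Obj:
    """A runtime object: a mutable cell tagged with its security domain."""
    domain: str
    value: int


# Program syntax.  Variables name objects; which object a variable denotes
# is fixed only at runtime (e.g. a file picked by the user).
@dataclass
class Copy:            # dst := src
    src: str
    dst: str


@dataclass
class IfFlows:         # if flows(src, dst) then ... else ...
    src: str
    dst: str
    then: list
    orelse: list


Stmt = Union[Copy, IfFlows]


def check(prog: list[Stmt], allowed: frozenset = frozenset()) -> bool:
    """Static check (the 'type system' of this toy): every Copy(src, dst) must
    sit inside the then-branch of an IfFlows(src, dst) guard.  `allowed`
    collects the variable pairs whose flow an enclosing guard has established.
    A program that passes is policy-compliant for every choice of objects."""
    for s in prog:
        if isinstance(s, Copy):
            if (s.src, s.dst) not in allowed:
                return False
        else:
            if not check(s.then, allowed | {(s.src, s.dst)}):
                return False
            if not check(s.orelse, allowed):
                return False
    return True


def run(prog: list[Stmt], env: dict[str, Obj]) -> dict[str, Obj]:
    """Execute with a concrete choice of objects.  A runtime monitor raises on
    a Copy that violates the policy; for programs accepted by check() this
    never happens, because the guard has already decided the same test."""
    for s in prog:
        if isinstance(s, Copy):
            src, dst = env[s.src], env[s.dst]
            if not flows_to(src.domain, dst.domain):
                raise PermissionError(f"illegal flow {s.src} -> {s.dst}")
            dst.value = src.value
        else:
            taken = s.then if flows_to(env[s.src].domain, env[s.dst].domain) else s.orelse
            run(taken, env)
    return env


def monitor_rejects(prog: list[Stmt], env: dict[str, Obj]) -> bool:
    """True if executing prog on env trips the runtime monitor."""
    try:
        run(prog, env)
    except PermissionError:
        return True
    return False


# Constructed sample programs.
UNGUARDED = [Copy("in", "out")]                                   # rejected statically
GUARDED = [IfFlows("in", "out", then=[Copy("in", "out")], orelse=[])]  # accepted


def demo(domain_in: str, domain_out: str) -> int:
    """Run GUARDED with 'in' bound to an object of domain_in holding 42 and
    'out' to an object of domain_out holding 0; return out's final value."""
    env = {"in": Obj(domain_in, 42), "out": Obj(domain_out, 0)}
    return run(GUARDED, env)["out"].value


if __name__ == "__main__":
    print("unguarded accepted:", check(UNGUARDED))   # False
    print("guarded accepted:", check(GUARDED))       # True
    print("public -> secret:", demo("public", "secret"))   # 42, copy happens
    print("secret -> public:", demo("secret", "public"))   # 0, copy skipped
```

The point of the separation is that `check` runs once over the program text without knowing which objects `in` and `out` will denote, while `flows_to` is only evaluated at runtime on the objects actually chosen; the static check guarantees that no execution path reaches a copy whose flow has not been tested.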