Robert Grabowski: Noninterference with dynamic security domains and policies
Language-based information flow analysis is used to statically examine a program for information flows between objects of different security domains, and to verify that these flows follow a given policy. In certain situations, the objects accessed by a program are not known until runtime, e.g. when a file to be processed is chosen by the user. To maintain information flow security, runtime tests are required to determine which flows between these objects are actually allowed.
We present an imperative language with dynamic object choice and a conditional for information flow tests. We use a type system to show that the flow tests included in a program are sufficient, so that the program is secure regardless of the choice of objects. The analysis is subsequently transferred to unstructured bytecode programs.
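The following Python sketch is an added illustration, not the calculus or type system from the talk. It models the core idea: a policy over security domains, objects (files) whose domains are only known once they are chosen at runtime, a program that guards a copy with a runtime flow test, and a check that the guarded program satisfies noninterference (equal low views in, equal low views out) while the unguarded version does not. The domain names, object names, policy edges and file contents are all constructed for the example.

```python
"""Runtime information-flow test over dynamically chosen objects (illustrative sketch)."""
from dataclasses import dataclass
from typing import Callable, Dict, Set, Tuple

# Constructed policy: an edge (a, b) means information may flow from domain a
# to domain b. The reflexive-transitive closure is taken below so that flows
# within a domain and chained flows (public -> secret) are also permitted.
DOMAINS: Set[str] = {"public", "internal", "secret"}
POLICY_EDGES: Set[Tuple[str, str]] = {("public", "internal"), ("internal", "secret")}


def closure(edges: Set[Tuple[str, str]], domains: Set[str]) -> Set[Tuple[str, str]]:
    """Reflexive-transitive closure of the policy relation."""
    allowed = set(edges) | {(d, d) for d in domains}
    changed = True
    while changed:
        changed = False
        for (a, b) in list(allowed):
            for (c, d) in list(allowed):
                if b == c and (a, d) not in allowed:
                    allowed.add((a, d))
                    changed = True
    return allowed


ALLOWED = closure(POLICY_EDGES, DOMAINS)


def flow_allowed(src_domain: str, dst_domain: str) -> bool:
    """The runtime flow test: may data in src_domain be written into dst_domain?"""
    return (src_domain, dst_domain) in ALLOWED


@dataclass
class Obj:
    domain: str   # security domain of the object, only known once the object is chosen
    content: str


Store = Dict[str, Obj]
Program = Callable[[Store, str, str], bool]


def guarded_copy(store: Store, src_name: str, dst_name: str) -> bool:
    """Models 'if flow(src, dst) then dst := src else skip'.
    src and dst are chosen at runtime by name, so their domains are not known
    statically; the conditional performs the required flow test."""
    src, dst = store[src_name], store[dst_name]
    if flow_allowed(src.domain, dst.domain):
        dst.content = src.content
        return True
    return False


def unguarded_copy(store: Store, src_name: str, dst_name: str) -> bool:
    """The same copy without a flow test: insecure for some object choices."""
    store[dst_name].content = store[src_name].content
    return True


def low_view(store: Store, observer_domain: str) -> Dict[str, str]:
    """What an observer in observer_domain can read: objects whose domain flows to it."""
    return {n: o.content for n, o in store.items() if flow_allowed(o.domain, observer_domain)}


def noninterference_holds(program: Program, store_a: Store, store_b: Store,
                          observer: str, src_name: str, dst_name: str) -> bool:
    """Two stores that agree on the observer's view must still agree after running
    the program with the same runtime object choice."""
    assert low_view(store_a, observer) == low_view(store_b, observer), "stores must be low-equal"
    program(store_a, src_name, dst_name)
    program(store_b, src_name, dst_name)
    return low_view(store_a, observer) == low_view(store_b, observer)


def make_stores() -> Tuple[Store, Store]:
    """Two constructed stores differing only in a secret object's content."""
    a = {"report.txt": Obj("public", ""), "salary.csv": Obj("secret", "alice:100")}
    b = {"report.txt": Obj("public", ""), "salary.csv": Obj("secret", "alice:200")}
    return a, b


if __name__ == "__main__":
    # The user picks salary.csv as the source and report.txt as the destination.
    for prog in (guarded_copy, unguarded_copy):
        a, b = make_stores()
        ok = noninterference_holds(prog, a, b, "public", "salary.csv", "report.txt")
        print(f"{prog.__name__}: noninterference {'holds' if ok else 'violated'}")
```

The unguarded program is secure for some object choices (copying a public file into a secret one) and insecure for others; the guarded program is secure for every choice because the conditional re-checks the policy against the domains actually chosen, which is the property the type system in the talk is meant to establish statically.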
filed under: Oberseminar