Robert Grabowski: Noninterference with dynamic security domains and policies
01.12.2009 10:15
Language-based information flow analysis is used to statically
examine a program for information flows between objects of different
security domains, and to verify that these flows follow a given policy.
In certain situations, the objects accessed by a program are
not known until runtime, e.g. when the file to be processed is
chosen by the user. To maintain information flow security,
runtime tests are then required to determine which flows between
these objects are actually allowed.
We present an imperative language with dynamic object choice and
a conditional for information flow tests. We use a type system
to show that the flow tests included in a program are sufficient,
so that the program is secure regardless of the choice of objects.
The analysis is subsequently transferred to unstructured bytecode
programs.
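As an added illustration of the idea described above (not the talk's own language, type system or proof), the following Python model shows a flow policy over security domains, objects whose domains are only known at runtime, an assignment guarded by a runtime flow test, and a brute-force noninterference check that separates the guarded program from the unguarded one. All names (`Obj`, `flows_to`, `copy_checked`, `noninterferent`, the domain names and the sample policy) are assumptions made for this example.

```python
# Added example, not code from the talk: a small model of dynamic object choice
# with a runtime information-flow test, checked against noninterference.
from dataclasses import dataclass
from itertools import product
from typing import Callable

# A policy is the set of directly allowed flows between domains (assumed shape);
# flows_to closes it under reflexivity and transitivity.
Policy = set[tuple[str, str]]


def flows_to(policy: Policy, src: str, dst: str) -> bool:
    """True if information may flow from domain src to domain dst."""
    if src == dst:
        return True
    seen, frontier = {src}, [src]
    while frontier:
        d = frontier.pop()
        for a, b in policy:
            if a == d and b not in seen:
                if b == dst:
                    return True
                seen.add(b)
                frontier.append(b)
    return False


@dataclass
class Obj:
    """A runtime-chosen object (think: a file picked by the user) and its domain."""
    domain: str
    content: int = 0


def copy_unchecked(src: Obj, dst: Obj, policy: Policy) -> None:
    """Insecure: copies whatever the domains of the chosen objects are."""
    dst.content = src.content


def copy_checked(src: Obj, dst: Obj, policy: Policy) -> None:
    """Secure: the conditional performs the flow test before the assignment."""
    if flows_to(policy, src.domain, dst.domain):
        dst.content = src.content


Program = Callable[[Obj, Obj, Policy], None]


def noninterferent(program: Program, policy: Policy,
                   domains: list[str], observer: str) -> bool:
    """Brute-force noninterference for an observer at domain `observer`:
    for every runtime choice of source/destination domains, two runs whose
    inputs agree on everything the observer can see must also agree on
    everything the observer can see afterwards."""
    def visible(d: str) -> bool:
        return flows_to(policy, d, observer)

    for src_dom, dst_dom in product(domains, repeat=2):
        runs = []
        for secret in (0, 1):
            # The source content varies between the two runs only if the
            # observer cannot see the source; everything visible is fixed.
            src = Obj(src_dom, 7 if visible(src_dom) else secret)
            dst = Obj(dst_dom, 0)
            program(src, dst, policy)
            runs.append([o.content for o in (src, dst) if visible(o.domain)])
        if runs[0] != runs[1]:
            return False  # the observer could distinguish the two runs
    return True


# Constructed sample policy: low may flow to high, but not the other way.
SAMPLE_POLICY: Policy = {("low", "high")}
SAMPLE_DOMAINS = ["low", "high"]


def demo() -> dict[str, bool]:
    """Returns the noninterference verdict for both programs."""
    return {
        "unchecked": noninterferent(copy_unchecked, SAMPLE_POLICY, SAMPLE_DOMAINS, "low"),
        "checked": noninterferent(copy_checked, SAMPLE_POLICY, SAMPLE_DOMAINS, "low"),
    }


if __name__ == "__main__":
    print(demo())
```

The unchecked copy fails the check as soon as the runtime choice pairs a high source with a low destination, while the guarded copy passes for every choice of objects; this is the property a type system for such a language has to establish statically, for all possible runtime choices, rather than by enumeration as done here.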
Filed under:
Oberseminar