A Progress-Sensitive Flow-Sensitive Inlined Information-Flow Control Monitor - ICT Systems Security and Privacy Protection
Conference Papers Year : 2016

A Progress-Sensitive Flow-Sensitive Inlined Information-Flow Control Monitor

Abstract

We present a novel progress-sensitive, flow-sensitive hybrid information-flow control monitor for an imperative interactive language. Progress-sensitive information-flow control is a strong information security guarantee which ensures that a program’s progress (or lack of) does not leak information. Flow-sensitivity means that this strong security guarantee is enforced fairly precisely: we track information flow according to the source of information and not to an a priori given variable security level. We illustrate our approach on an imperative interactive language. Our hybrid monitor is inlined: source programs are translated, by a type-based analysis, into a target language that supports dynamic security levels. A key benefit of this is that the resulting monitored program is amenable to standard optimization techniques such as partial evaluation.
Fichier principal
Vignette du fichier
421518_1_En_24_Chapter.pdf (484.27 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01369568 , version 1 (21-09-2016)

Licence

Identifiers

Cite

Andrew Bedford, Stephen Chong, Josée Desharnais, Nadia Tawbi. A Progress-Sensitive Flow-Sensitive Inlined Information-Flow Control Monitor. 31st IFIP International Information Security and Privacy Conference (SEC), May 2016, Ghent, Belgium. pp.352-366, ⟨10.1007/978-3-319-33630-5_24⟩. ⟨hal-01369568⟩
82 View
96 Download

Altmetric

Share

More