Abstract

We present a flow- and context-sensitive, compositional information flow analysis for full (mono-threaded) Java bytecode. We base our analysis on the transformation of the Java bytecode into a control-flow graph of basic blocks of code, which makes explicit the complex features of the Java bytecode. We represent information flows through Boolean functions and hence implement an accurate and efficient information flow analysis through binary decision diagrams. To the best of our knowledge, it is the first such analysis for full Java bytecode.

Keywords

Boolean Function; Basic Block; Execution Trace; Binary Decision Diagram; Covert Channel
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Samir Genaim (1)
  • Fausto Spoto (1)
  1. Dipartimento di Informatica, Università di Verona, Verona, Italy