Privacy Assessment Using Static Taint Analysis (Tool Paper)

Marcel von Maltitz; Cornelius Diekmann; Georg Carle

doi:10.1007/978-3-319-60225-7_16

FORTE 2017: Formal Techniques for Distributed Objects, Components, and Systems pp 225-235

Privacy Assessment Using Static Taint Analysis (Tool Paper)

Authors
Authors and affiliations

Marcel von MaltitzEmail author
Cornelius Diekmann
Georg Carle

Conference paper

First Online:: 28 May 2017

Part of the Lecture Notes in Computer Science book series (LNCS, volume 10321)

Abstract

When developing and maintaining distributed systems, auditing privacy properties gains more and more relevance. Nevertheless, this task is lacking support of automated tools and, hence, is mostly carried out manually. We present a formal approach which enables auditors to model the flow of critical data in order to shed new light on a system and to automatically verify given privacy constraints. The formalization is incorporated into a larger policy analysis and verification framework and overall soundness is proven with Isabelle/HOL. Using this solution, it becomes possible to automatically compute architectures which follow specified privacy conditions or to input an existing architecture for verification. Our tool is evaluated in two real-world case studies, where we uncover and fix previously unknown violations of privacy.

References

1.
Das Standard-Datenschutzmodell. Technical report, Konferenz der unabhängigen Datenschutzbehörden des Bundes und der Länder, Darmstadt (2015). https://www.datenschutzzentrum.de/uploads/sdm/SDM-Handbuch.pdf
2.
Bock, K., Rost, M.: Privacy by design und die neuen schutzziele. DuD 35(1), 30–35 (2011)CrossRefGoogle Scholar
3.
Cavoukian, A.: Creation of a Global Privacy Standard, November 2006, Revised October 2009. https://www.ipc.on.ca/images/resources/gps.pdf
4.
Cavoukian, A.: Privacy by Design – The 7 Foundational Principles, January 2011. https://www.ipc.on.ca/wp-content/uploads/Resources/7foundationalprinciples.pdf
5.
Chair of Network Architectures, Services, TUM: MeasrDroid. http://www.droid.net.in.tum.de/
6.
Common Criteria: Part 3: Security assurance components. Common Criteria for Information Technology Security Evaluation CCMB-2012-09-003(Version 3.1 Revision 4), September 2012Google Scholar
7.
Danezis, G., Domingo-Ferrer, J., Hansen, M., Hoepman, J.H., Metayer, D.L., Tirtea, R., Schiffner, S.: Privacy and data protection by design – from policy to engineering. Technical report, ENISA (2015)Google Scholar
8.
Denning, D.: A lattice model of secure information flow. Commun. ACM 19(5), 236–243 (1976)MathSciNetCrossRefMATHGoogle Scholar
9.
Diekmann, C., Korsten, A., Carle, G.: Demonstrating topoS: theorem-prover-based synthesis of secure network configurations. In: 11th International Conference on Network and Service Management (CNSM), pp. 366–371, November 2015Google Scholar
10.
Diekmann, C., Michaelis, J., Haslbeck, M., Carle, G.: Verified iptables firewall analysis. In: IFIP Networking 2016, Vienna, Austria, May 2016Google Scholar
11.
Diekmann, C., Posselt, S.-A., Niedermayer, H., Kinkelin, H., Hanka, O., Carle, G.: Verifying security policies using host attributes. In: Ábrahám, E., Palamidessi, C. (eds.) FORTE 2014. LNCS, vol. 8461, pp. 133–148. Springer, Heidelberg (2014). doi:10.1007/978-3-662-43613-4_9 CrossRefGoogle Scholar
12.
Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B.G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM TOCS 32(2), 5 (2014)CrossRefGoogle Scholar
13.
Feilkas, M., Ratiu, D., Jürgens, E.: The loss of architectural knowledge during system evolution: an industrial case study. In: ICPC, pp. 188–197, May 2009Google Scholar
14.
Kinkelin, H., Maltitz, M., Peter, B., Kappler, C., Niedermayer, H., Carle, G.: Privacy preserving energy management. In: Aiello, L.M., McFarland, D. (eds.) SocInfo 2014. LNCS, vol. 8852, pp. 35–42. Springer, Cham (2015). doi:10.1007/978-3-319-15168-7_5 Google Scholar
15.
Murray, T., Matichuk, D., Brassil, M., Gammie, P., Bourke, T., Seefried, S., Lewis, C., Gao, X., Klein, G.: seL4: from general purpose to a proof of information flow enforcement. In: IEEE S&P, pp. 415–429, May 2013Google Scholar
16.
Nipkow, T., Paulson, L.C., Wenzel, M.: Isabelle/HOL: A Proof Assistant for Higher-Order Logic. LNCS, vol. 2283. Springer, Heidelberg (2016). http://isabelle.in.tum.de/ MATHGoogle Scholar
17.
Rost, M., Pfitzmann, A.: Datenschutz-Schutzziele – revisited. Datenschutz und Datensicherheit DuD 33(6), 353–358 (2009)CrossRefGoogle Scholar
18.
Tromer, E., Schuster, R.: DroidDisintegrator: intra-application information flow control in Android apps (extended version). In: ASIA CCS 2016, pp. 401–412. ACM (2016). http://www.cs.tau.ac.il/~tromer/disintegrator/disintegrator.pdf

Copyright information

Authors and Affiliations

Marcel von Maltitz
- 1
Email author
Cornelius Diekmann
- 1
Georg Carle
- 1

1.Technische Universität MünchenMunichGermany

About this paper

Cite this paper as:: von Maltitz M., Diekmann C., Carle G. (2017) Privacy Assessment Using Static Taint Analysis (Tool Paper). In: Bouajjani A., Silva A. (eds) Formal Techniques for Distributed Objects, Components, and Systems. FORTE 2017. Lecture Notes in Computer Science, vol 10321. Springer, Cham

DOI https://doi.org/10.1007/978-3-319-60225-7_16
Publisher Name Springer, Cham
Print ISBN 978-3-319-60224-0
Online ISBN 978-3-319-60225-7
eBook Packages Computer Science

Published in cooperation with
The International Federation for Information Processing

Personalised recommendations

Actions

Buy eBook

USD 74.99

Instant download
Readable on all devices
Own it forever
Local sales tax included if applicable

Privacy Assessment Using Static Taint Analysis (Tool Paper)

Abstract

Copyright information

Authors and Affiliations

Personalised recommendations

Export citation

Cookies