Advertisement

A Method of Secure Information Flow Based on Data Flow Analysis

Conference paper
Part of the Advances in Intelligent and Soft Computing book series (AINSC, volume 114)

Abstract

The secure information flow based on data flow analysis have studied for many years. The existing methods tend to be overly conservative, giving “insecure” answers to many “secure” programs, or to be overly attention to location information leak, existing location information leak does not imply there is information leak in a program. The method described in this paper is designed to be more precise than previous syntactic methods. The soundness of the analysis is proved.

Keywords

Formal semantics Static analysis Data flow analysis Secure information flow 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Sabelfeld, Myers, A.C.: Language-based information-flow security. IEEE J. Selected Areas in Communication 21(1) (January 2003)Google Scholar
  2. 2.
    Volpano, D., Smith, G.: A Type-Based Approach to Program Security. In: Proceeding of TAPSOFT 1997, Colloquium on Formal Approaches in Software Engineering, Lille France, April 14-18 (1997)Google Scholar
  3. 3.
    Volpano, D., Smith, G., Irvine, C.: A Sound Type System for Secure Flow Analysis. Journal of Computer Security (July 1996)Google Scholar
  4. 4.
    Mizuno, M., Schmidt, D.A.: A security flow control algorithm and its denotational semantics correctness proof. Formal Aspects of Computing 4, 722–754 (1992)CrossRefGoogle Scholar
  5. 5.
    Doh, K.-G., Shin, S.C.: Data Flow Analysis of Secure Information-Flow. ACM SIGPLAN Notices 37(8) (August 2002)Google Scholar
  6. 6.
    Joshi, R., Leino, K.R.M.: A semantic approach to secure information flow. Science of Computer Programming 37, 113–138 (2000)Google Scholar
  7. 7.
    Sabelfeld, Sands, D.: A per model of secure information flow in sequential programs. Higher-Order and Symbolic Computations 14, 59–91 (2001)MATHCrossRefGoogle Scholar
  8. 8.
    Darvas, A., Hähnle, R., Sands, D.: A Theorem Proving Approach Analysis of Secure Information Flow. Technical Report no (January 2004)Google Scholar
  9. 9.
    Denning, D., Denning, P.: Certification of Programs for Secure Information Flow. Communications of the ACM 20(7), 504–513 (1977)MATHCrossRefGoogle Scholar
  10. 10.
    Nielson, H.R., Nielson, F.: Semantics with Applications a Formal Introduction (July 1999)Google Scholar
  11. 11.
    Nielson, F., Nielson, H.R., Hankin, C.: Principles if Program Analysis. Springer, Heidelberg (1999)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  1. 1.Department of Computer ScienceZunyi Normal CollegeZunyiChina

Personalised recommendations