Abstract
Protecting the confidentiality of information stored in a computer system or transmitted over a public network is a central problem in computer security. Information flow analysis addresses it by statically analysing a program with the aim of proving that it cannot leak sensitive information. In this paper we propose a new abstract domain that combines a variable dependency analysis, based on propositional formulas, with an analysis of the variables' values, based on polyhedra. The resulting analysis is strictly more accurate than the state-of-the-art abstract interpretation based analyses for information leakage detection. Its modular construction makes it possible to manage the tradeoff between efficiency and accuracy by tuning the granularity of the abstraction and the complexity of the abstract operators.
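To make the idea in the abstract concrete, the following is an added toy analysis written for this page; it is not code from the paper or its authors. It tracks, for each program variable, the set of secret inputs that may influence it (a set-based simplification of the paper's propositional dependency domain) together with an exact linear form over the program inputs (a much weaker stand-in for the paper's polyhedra), and it shows the kind of reduction a combined domain enables: when the value domain proves a variable equals a linear form over public inputs only, its explicit secret dependencies are dropped while the implicit flow from enclosing guards is kept. The tuple-based AST, the reduction rule, the `with_values` switch and the sample programs are all assumptions made for the illustration.

```python
"""Toy leak analysis: a dependency domain (which secret inputs may influence each
variable) reduced by a value domain.  Assumptions that are not from the paper: the
tiny AST, exact linear forms over program inputs as a stand-in for polyhedra, and
the reduction rule that drops explicit secret dependencies from provably public values."""
from typing import Dict, FrozenSet, List, Optional, Tuple

# Expressions: ("const", n) | ("var", x) | (op, e1, e2), op in "+", "-", "*".
# Statements:  ("assign", x, expr) | ("if", (cmp, e1, e2), then_block, else_block).
# A linear form maps input names to coefficients, "" being the constant term, so
# {"h": 1, "": 2} is h + 2 and {} is 0.  None means the value is unknown.
LinForm = Optional[Dict[str, int]]


def lf_add(a: LinForm, b: LinForm, sign: int = 1) -> LinForm:
    if a is None or b is None:
        return None
    out = dict(a)
    for k, c in b.items():
        out[k] = out.get(k, 0) + sign * c
    return {k: c for k, c in out.items() if c != 0}


def lf_mul(a: LinForm, b: LinForm) -> LinForm:
    if a is None or b is None:
        return None
    if set(a) <= {""}:                      # one factor must be a constant to stay linear
        k0, other = a.get("", 0), b
    elif set(b) <= {""}:
        k0, other = b.get("", 0), a
    else:
        return None
    return {k: c * k0 for k, c in other.items() if c * k0 != 0}


class LeakAnalysis:
    def __init__(self, inputs: Dict[str, str], with_values: bool = True):
        # inputs maps each input variable to "secret" or "public"
        self.secrets = frozenset(v for v, lvl in inputs.items() if lvl == "secret")
        self.with_values = with_values
        self.deps: Dict[str, FrozenSet[str]] = {v: frozenset([v]) & self.secrets for v in inputs}
        self.vals: Dict[str, LinForm] = {v: {v: 1} for v in inputs}

    def eval_expr(self, e: tuple) -> Tuple[FrozenSet[str], LinForm]:
        if e[0] == "const":
            return frozenset(), ({"": e[1]} if e[1] else {})
        if e[0] == "var":
            return self.deps[e[1]], self.vals[e[1]]
        d1, v1 = self.eval_expr(e[1])
        d2, v2 = self.eval_expr(e[2])
        if e[0] == "+":
            return d1 | d2, lf_add(v1, v2)
        if e[0] == "-":
            return d1 | d2, lf_add(v1, v2, -1)
        return d1 | d2, lf_mul(v1, v2)

    def reduce(self, x: str, pc: FrozenSet[str]) -> None:
        # Reduction between the two domains: a value that is an exact linear form over
        # public inputs carries no explicit secret flow, so only the implicit flow from
        # the enclosing guards (pc) is kept.
        v = self.vals[x]
        if self.with_values and v is not None and not (set(v) & self.secrets):
            self.deps[x] &= pc

    def exec_block(self, block: List[tuple], pc: FrozenSet[str] = frozenset()) -> None:
        for s in block:
            if s[0] == "assign":
                d, v = self.eval_expr(s[2])
                self.deps[s[1]] = d | pc        # explicit flow plus implicit flow from guards
                self.vals[s[1]] = v
                self.reduce(s[1], pc)
            else:
                _, (_, e1, e2), then_b, else_b = s
                guard = self.eval_expr(e1)[0] | self.eval_expr(e2)[0]
                deps0, vals0 = dict(self.deps), dict(self.vals)
                self.exec_block(then_b, pc | guard)
                deps1, vals1 = self.deps, self.vals
                self.deps, self.vals = deps0, vals0
                self.exec_block(else_b, pc | guard)
                for x in set(deps1) | set(self.deps):   # join: union deps, keep equal values
                    self.deps[x] = deps1.get(x, frozenset()) | self.deps.get(x, frozenset())
                    a, b = vals1.get(x), self.vals.get(x)
                    self.vals[x] = a if a is not None and a == b else None
                    self.reduce(x, pc)


def analyse(program, inputs, outputs, with_values=True) -> Dict[str, FrozenSet[str]]:
    """Secret inputs that may flow into each public output; a non-empty set is a leak."""
    a = LeakAnalysis(inputs, with_values)
    a.exec_block(program)
    return {o: a.deps[o] for o in outputs}


# Constructed sample programs (not from the paper); h is secret, p is public.
INPUTS = {"h": "secret", "p": "public"}
PROG_CANCEL = [                                    # x = h; x = x - h; l = x  -> l is 0
    ("assign", "x", ("var", "h")),
    ("assign", "x", ("-", ("var", "x"), ("var", "h"))),
    ("assign", "l", ("var", "x")),
]
PROG_IMPLICIT = [                                  # if h > p: l = 1 else: l = 2  -> leak
    ("if", (">", ("var", "h"), ("var", "p")),
     [("assign", "l", ("const", 1))], [("assign", "l", ("const", 2))]),
]
PROG_SAME = [                                      # if h > 0: l = p + 1 else: l = p + 1  -> no leak
    ("if", (">", ("var", "h"), ("const", 0)),
     [("assign", "l", ("+", ("var", "p"), ("const", 1)))],
     [("assign", "l", ("+", ("var", "p"), ("const", 1)))]),
]

if __name__ == "__main__":
    for name, prog in [("cancel", PROG_CANCEL), ("implicit", PROG_IMPLICIT), ("same", PROG_SAME)]:
        print(name, "deps only:", set(analyse(prog, INPUTS, ["l"], False)["l"]),
              "combined:", set(analyse(prog, INPUTS, ["l"])["l"]))
```

Run with `with_values=False` the analysis is a plain dependency analysis and reports `l` as depending on `h` in all three programs; with the value domain switched on it clears the two false alarms (`PROG_CANCEL`, where `x - h` is provably 0, and `PROG_SAME`, where both branches establish the same public value) while still catching the genuine implicit flow in `PROG_IMPLICIT`. The intersection with `pc` in `reduce` is what keeps the latter sound: inside a branch a provably public value may still reveal which branch was taken, so the guard's dependencies are retained until the join shows both branches agree.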
© 2011 Springer-Verlag Berlin Heidelberg
Cite this paper
Zanioli, M., Cortesi, A. (2011). Information Leakage Analysis by Abstract Interpretation. In: Černá, I., et al. SOFSEM 2011: Theory and Practice of Computer Science. SOFSEM 2011. Lecture Notes in Computer Science, vol 6543. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-18381-2_45
DOI: https://doi.org/10.1007/978-3-642-18381-2_45
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-18380-5
Online ISBN: 978-3-642-18381-2