Abstract
Insecurity arising from illegal information flow is a real threat in small computing environments that allow code sharing, dynamic class loading and overloading. We introduce a verifier that certifies, at load time, Java applications already annotated with type signatures describing their possible information flows. The verifier is implemented as a class loader and can be used on any Java Virtual Machine. The experimental results reported here support our approach and show that the verifier can be successfully embedded. To our knowledge, this is the first information flow analysis adapted to open embedded systems.
Funded by the Mosaïques project, CPER TAC 2005-2008 & FEDER.
Copyright information
© 2007 IFIP International Federation for Information Processing
About this paper
Cite this paper
Ghindici, D., Grimaud, G., Simplot-Ryl, I. (2007). An Information Flow Verifier for Small Embedded Systems. In: Sauveron, D., Markantonakis, K., Bilas, A., Quisquater, JJ. (eds) Information Security Theory and Practices. Smart Cards, Mobile and Ubiquitous Computing Systems. WISTP 2007. Lecture Notes in Computer Science, vol 4462. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72354-7_16
DOI: https://doi.org/10.1007/978-3-540-72354-7_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-72353-0
Online ISBN: 978-3-540-72354-7