JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Inside Java 2 platform security architecture, API design, and implementation
Inside Java 2 platform security architecture, API design, and implementation
ACM Transactions on Information and System Security (TISSEC)
Certification of programs for secure information flow
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Secure information flow in computer systems.
Secure information flow in computer systems.
Dynamic label binding at run-time
Proceedings of the 2003 workshop on New security paradigms
The inlined reference monitor approach to security policy enforcement
The inlined reference monitor approach to security policy enforcement
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Information flow analysis and enforcement in java bytecode
Information flow analysis and enforcement in java bytecode
Making information flow explicit in HiStar
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Enforcing DRM policies across applications
Proceedings of the 8th ACM workshop on Digital rights management
Remote Attestation of Attribute Updates and Information Flows in a UCON System
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Neon: system support for derived data management
Proceedings of the 6th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
A permission system for secure AOP
Proceedings of the 9th International Conference on Aspect-Oriented Software Development
DEFCON: high-performance event processing with information security
USENIXATC'10 Proceedings of the 2010 USENIX conference on USENIX annual technical conference
Cross-application data provenance and policy enforcement
ACM Transactions on Information and System Security (TISSEC)
A survey on automated dynamic malware-analysis techniques and tools
ACM Computing Surveys (CSUR)
SafeWeb: a middleware for securing ruby-based web applications
Middleware'11 Proceedings of the 12th ACM/IFIP/USENIX international conference on Middleware
Constroid: data-centric access control for android
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Uncovering performance problems in Java applications with reference propagation profiling
Proceedings of the 34th International Conference on Software Engineering
Static enforcement of information flow policies for a concurrent JVM-like language
TGC'11 Proceedings of the 6th international conference on Trustworthy Global Computing
SafeWeb: a middleware for securing ruby-based web applications
Proceedings of the 12th International Middleware Conference
Analysis of the communication between colluding applications on modern smartphones
Proceedings of the 28th Annual Computer Security Applications Conference
Detecting control flow in smarphones: combining static and dynamic analyses
CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
| Hi-index | 0.00 |
The ability to enforce usage policies attached to data in a fine grained manner requires that the system be able to trace and control the flow of information within it. This paper presents the design and implementation of such an information flow control system, named Trishul, as a Java Virtual Machine. In particular we address the problem of tracing implicit information flow, which had not been resolved by previous run-time systems and the additional intricacies added on by the Java architecture. We argue that the security benefits offered by Trishul are substantial enough to counter-weigh the performance overhead of the system as shown by our experiments.