Static, type-based information flow analysis techniques targeted at Java and JVM-like code typically assume a global security policy on object fields: all fields are assigned a fixed security level. In essence, they are treated as standard variables. However, different objects may be created under varying security contexts, particularly for widely used classes such as wrapper or collection classes. This entails a significant loss of precision in the analysis. We present a flow-sensitive type system for statically detecting illegal flows of information in a JVM-like language that allows the level of a field to vary at different object creation points. We also prove a noninterference result for this language.