Automata-based confidentiality monitoring

  • Authors:
  • Gurvan Le Guernic;Anindya Banerjee;Thomas Jensen;David A. Schmidt

  • Affiliations:
  • IRISA, Rennes, France and Kansas State University, Manhattan, KS;Kansas State University, Manhattan, KS;IRISA, Rennes, France;Kansas State University, Manhattan, KS

  • Venue:
  • ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
  • Year:
  • 2006

Quantified Score

Hi-index 0.00

Visualization

Abstract

Non-interference is typically used as a baseline security policy to formalize confidentiality of secret information manipulated by a program. In contrast to static checking of non-interference, this paper considers dynamic, automaton-based, monitoring of information flow for a single execution of a sequential program. The monitoring mechanism is based on a combination of dynamic and static analyses. During program execution, abstractions of program events are sent to the automaton, which uses the abstractions to track information flows and to control the execution by forbidding or editing dangerous actions. The mechanism proposed is proved to be sound, to preserve executions of well-typed programs (in the security type system of Volpano, Smith and Irvine), and to preserve some safe executions of ill-typed programs.