A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Labels and event processes in the asbestos operating system
Proceedings of the twentieth ACM symposium on Operating systems principles
Libra: a library operating system for a jvm in a virtualized execution environment
Proceedings of the 3rd international conference on Virtual execution environments
Information flow control for standard OS abstractions
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Making information flow explicit in HiStar
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
Laminar: practical fine-grained decentralized information flow control
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
| Hi-index | 0.00 |
A large array of privacy sensitive applications like banking servers, medical records processors, and legal software are Java applications. Preserving user privacy is a necessary feature in such applications. For example, in a medical records system, only the authorized doctors and medical staff should be allowed access to patient information. Decentralized Information Flow Control (DIFC) [10] provides an effective means for preserving user privacy. In a traditional setup where the Java Virtual Machine (JVM) runs on top of an Operating System (OS), sensitive information flows both through the JVM and the OS, and effective enforcement of information flow policies requires tracking data across both these entities [12]. Implementing information flow control in such systems requires modification, and subsequent auditing, of both the JVM and OS source code.