The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
NSPW '96 Proceedings of the 1996 workshop on New security paradigms
A sound type system for secure flow analysis
Journal of Computer Security
Certification of programs for secure information flow
Communications of the ACM
Inside the Java Virtual Machine
Inside the Java Virtual Machine
Java Language Specification, Second Edition: The Java Series
Java Language Specification, Second Edition: The Java Series
Inside Java(TM) 2 Platform Security: Architecture, API Design, and Implementation
Inside Java(TM) 2 Platform Security: Architecture, API Design, and Implementation
Secure Information Flow via Linear Continuations
Higher-Order and Symbolic Computation
Integrating Flexible Support for Security Policies into the Linux Operating System
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Mostly-static decentralized information flow control
Mostly-static decentralized information flow control
Introduction to Computer Security
Introduction to Computer Security
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Dynamic Taint Propagation for Java
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
SELinux by Example: Using Security Enhanced Linux (Prentice Hall Open Source Software Development Series)
Information flow analysis and enforcement in java bytecode
Information flow analysis and enforcement in java bytecode
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
ShadowData: shadowing heap objects in Java
Proceedings of the 11th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering
Hi-index | 0.00 |
Operating systems try to provide secure platforms using appropriate security mechanisms like DAC and MAC. In spite of this, information confidentiality is not totally provided when information flows in the program memory space. Programming language level security techniques have thus been introduced to provide secure information flow inside programs. Existing works on programming language level are problematic though because their information flow policies have not been integrated into the underlying system security policies. In this paper we propose a dynamic solution for tracking and enforcing information flow policies inside the Java framework that is integrated with a trusted operating system namely SELinux. Our solution focuses on internal structure of JVM, implicating no modification to Java programming language. Experimental results have shown a bearable runtime overhead on running programs.