A sound type system for secure flow analysis
Journal of Computer Security
A Practical Guide to Security Engineering and Information Assurance
A Practical Guide to Security Engineering and Information Assurance
Information flow inference for ML
ACM Transactions on Programming Languages and Systems (TOPLAS)
State Assignment Techniques in Multiple-Valued Logic
ISMVL '99 Proceedings of the Twenty Ninth IEEE International Symposium on Multiple-Valued Logic
Secure program execution via dynamic information flow tracking
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
Raksha: a flexible information flow architecture for software security
Proceedings of the 34th annual international symposium on Computer architecture
Information flow control for standard OS abstractions
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Complete information flow tracking from the gates up
Proceedings of the 14th international conference on Architectural support for programming languages and operating systems
Execution leases: a hardware-supported mechanism for enforcing strong non-interference
Proceedings of the 42nd Annual IEEE/ACM International Symposium on Microarchitecture
Proceedings of the 38th annual international symposium on Computer architecture
Information flow isolation in I2C and USB
Proceedings of the 48th Design Automation Conference
Predicting secret keys via branch prediction
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Theoretical Fundamentals of Gate Level Information Flow Tracking
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
Hi-index | 0.00 |
High assurance systems require strict guarantees on information flow security and fault tolerance or else face catastrophic consequences. Recently, Gate Level Information Flow Tracking (GLIFT) has been proposed to monitor information flows at the level of Boolean logic. At this level, all flows are explicit which makes it possible to detect security violations, even those that occur due to difficult to detect timing channels. In this paper, we show that the encoding technique used in previous GLIFT generation methods includes redundant encoding states, which leads to large overheads in area, delay and verification time. We present a new encoding technique with fewer encoding states by leveraging an inherent property of GLIFT. By denoting don't-care input conditions to logic synthesis tools, smaller GLIFT logic for dynamic information flow tracking is obtained and shorter simulation time for static information flow security verification is achieved. Experimental results using the IWLS benchmarks show average reductions of 39.8%, 31.1% and 57.5% in area, delay and simulation time respectively. Furthermore, the new encoding technique enables the GLIFT tracking logic to function both as information flow tracking and redundant logic. As a result, information flow security and fault tolerance can be simultaneously enforced with the same logic.