Combining Abstract Interpretation and Model Checking for Analysing Security Properties of Java Bytecode

Authors:
Cinzia Bernardeschi;Nicoletta De Francesco
Affiliations:
-;-
Venue:
VMCAI '02 Revised Papers from the Third International Workshop on Verification, Model Checking, and Abstract Interpretation
Year:
2002

Citing 12
Cited 7

Automatic verification of finite-state concurrent systems using temporal logic specifications

ACM Transactions on Programming Languages and Systems (TOPLAS)
Inductive definitions, semantics and abstract interpretations

POPL '92 Proceedings of the 19th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
What's in a region?: or computing control dependence regions in near-linear time for reducible control flow

ACM Letters on Programming Languages and Systems (LOPLAS)
From system F to typed assembly language

ACM Transactions on Programming Languages and Systems (TOPLAS)
An Axiomatic Approach to Information Flow in Programs

ACM Transactions on Programming Languages and Systems (TOPLAS)
Certification of programs for secure information flow

Communications of the ACM
A note on the confinement problem

Communications of the ACM
Checking security of Java bytecode by abstract interpretation

Proceedings of the 2002 ACM symposium on Applied computing
Abstract interpretation of operational semantics for secure information flow

Information Processing Letters
Checking Secure Interactions of Smart Card Applets

ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
The Impact of Synchronisation on Secure Information Flow in Concurrent Programs

PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
Abstract Interpretation of Small-Step Semantics

Selected papers from the 5th LOMAPS Workshop on Analysis and Verification of Multiple-Agent Languages

A Formal Correspondence between Offensive and Defensive JavaCard Virtual Machines

VMCAI '02 Revised Papers from the Third International Workshop on Verification, Model Checking, and Abstract Interpretation
Java bytecode verification for secure information flow

ACM SIGPLAN Notices
Non-interference for a JVM-like language

TLDI '05 Proceedings of the 2005 ACM SIGPLAN international workshop on Types in languages design and implementation
Checking secure information flow in java bytecode by code transformation and standard bytecode verification

Software—Practice & Experience
Security types preserving compilation

Computer Languages, Systems and Structures
Instruction-level security analysis for information flow in stack-based assembly languages

Information and Computation
Abstract interpretation to check secure information flow in programs with input-output security annotations

FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present an approach enabling end-users to prove security properties of the Java bytecode by statically analysing the code itself, thus eliminating the run time check for the access permission. The approach is based on the combination of two well-known techniques: abstract interpretation and model checking. By means of an operational abstract semantics of the bytecode, we built a finite transition system embodying security informations and abstracting from actual values. Then we model check it against some formulae expressing security properties. We use the SMV model checker. A main point of the paper is the definition of the properties that the abstract semantics must satisfy to ensure the absence of security leakages.