This work presents a program analyzer for checking Abstract Non-Interference in a fragment of Java bytecode. Abstract Non-Interference is an information flow property which is weaker and more general than standard Non-Interference, since it can allow some selected parts of secret information to flow into the public part of a program. The motivation for such a weakening is that some flows are indeed useful in real-life applications. The amount of allowed flows is encoded into abstract domains, which characterize the degree of precision of a potential attacker in observing data; flows are forbidden as long as they can be observed and exploited by attackers. Abstract values describe possible values of programs in different executions. Basic features of Java bytecode are considered; advanced topics, such as method calls, objects and exceptions, are also discussed. A program is said to be secure if the analysis computes a state which does not contain private information in public places; information flows can exist only as long as the attacker does not have enough observational power to see and exploit them.
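The difference between standard and Abstract Non-Interference can be seen on two toy programs. The following is an added example, not the analyzer described in the abstract: it checks the property by brute force over a small constructed input range instead of by static analysis on bytecode, and the program names, the `parity` observer and the checker function are assumptions made for illustration.

```python
from itertools import product

def p_loop(h, l):
    # Public l grows by 2 for every unit of secret h:
    # the exact value of l reveals h, but its parity does not.
    while h > 0:
        l, h = l + 2, h - 1
    return l

def p_add(h, l):
    # Public result depends directly on the secret, parity included.
    return l + h

def identity(v):
    # Attacker with full precision: standard Non-Interference.
    return v

def parity(v):
    # Weaker attacker: can only tell even from odd.
    return v % 2

def ani_counterexample(prog, eta, rho, secrets, publics):
    """Search for two runs that violate Abstract Non-Interference.

    eta abstracts what the attacker knows about the public input,
    rho abstracts what the attacker can observe of the public output.
    The property holds on the given ranges if no two runs with
    eta-equal public inputs produce rho-different public outputs.
    Returns a witness ((h1, l1), (h2, l2)) or None.
    """
    states = list(product(secrets, publics))
    for (h1, l1), (h2, l2) in product(states, repeat=2):
        if eta(l1) == eta(l2) and rho(prog(h1, l1)) != rho(prog(h2, l2)):
            return (h1, l1), (h2, l2)
    return None

if __name__ == "__main__":
    dom = range(4)  # constructed sample domain for secrets and publics
    for name, prog in (("p_loop", p_loop), ("p_add", p_add)):
        for obs_name, obs in (("identity", identity), ("parity", parity)):
            witness = ani_counterexample(prog, obs, obs, dom, dom)
            verdict = "secure" if witness is None else f"leak, witness {witness}"
            print(f"{name} under {obs_name} observer: {verdict}")
```

`p_loop` is rejected by standard Non-Interference but accepted for the parity observer, while `p_add` is rejected in both cases because the secret changes what even the weaker attacker can see.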