Languagebased informationflow security computer and. We present a novel approach to information flow security that distributes the track. In class we saw discretionary and mandatory access control. Each of the following sections examines a particular challenge for deploying languagebased informationflow technology. In this paper, we survey the past three decades of research on informationflow security, particularly focusing on work that uses static program analysis to enforce informationflow policies. Abstractcurrent standard security practices do not pro vide substantial. Languagebased informationflow security ieee journals. There are four directions of research in languagebased security.
In this report, we examine jif, a java extension which augments the language with features related to security. Previously, a promising new approach has been developed. We list the main features of jif and discuss the information flow problem that jif helps to solve. Citeseerx document details isaac councill, lee giles, pradeep teregowda.
Jif adds support for security labels to javas type system such that the developer can specify confidentiality and integrity policies to the various variables used in their program. We present a comprehensive information flow tracking browser section 5 based. Languagebased informationflow security ieee journal on. An endtoend confidentiality policy might assert that secret input data cannot be inferred by an attacker through the attackers observations of system output. Languagebased informationflow security article pdf available in ieee journal on selected areas in communications 211 february 20 with 252 reads how we measure reads. Language based information flow security purdue cs. Languagebased informationflow security andrei sabelfeld and andrew c. Languagebased information flow security gradebuddy. Languagebased informationflow security steve zdancewic university of pennsylvania. Current standard security practices do not provide substantial assurance that the endtoend behavior of a computing system satisfies important security policies such as confidentiality. Language based information flow security andrei sabelfield andrew c myers presentation ashish kundu ashishk cs purdue edu ashish kundu cs590f purdue 02 12 07 outline security requirements information flow background language based information flow open challenges discussion conclusion ashish kundu cs590f purdue 02 12 07 information flow h h confidential h confidential. An endtoend confidentiality policy might assert that secret input data cannot be inferred by an attacker through the attackers.
219 230 468 425 1319 352 12 1098 455 130 257 1645 226 166 1646 1554 507 449 440 1466 354 95 696 972 1361 1278 1114 212