Current standard security practices do not provide substantial assurance that the end-to-end behavior of a computing system satisfies important. We present a novel approach to information flow security that distributes the track. Jif adds support for security labels to Java's type system such that the developer can specify confidentiality and integrity policies for the various variables used in their program. In class we saw discretionary and mandatory access control. Language-Based Information-Flow Security, Andrei Sabelfeld and Andrew C. Myers; presentation by Ashish Kundu (ashishk cs purdue edu), CS590F, Purdue, 02 12 07. Outline: security requirements, information flow background, language-based information flow, open challenges, discussion, conclusion. Previously, a promising new approach has been developed.
Language-based information-flow security. Myers. Abstract: Current standard security practices do not provide substantial assurance that the end-to-end behavior of a computing system satis. In this paper, we survey the past three decades of research on information-flow security, particularly focusing on work that uses static program analysis to enforce information-flow policies. We list the main features of Jif and discuss the information flow problem that Jif helps to solve. An end-to-end confidentiality policy might assert that secret input data cannot be inferred by an attacker through the attacker's observations of system output. We present a comprehensive information flow tracking browser section 5 based. There are four directions of research in language-based security. Language-based information-flow security, article in IEEE Journal on Selected Areas in Communications 211 February 20.