Information Flow Testing

Gurvan Le Guernic

inria-00198595, version 1

Information Flow Testing

Annual Asian Computing Science Conference 4846 (2007)

Résumé : Noninterference, which is an information flow property, is typically used as a baseline security policy to formalize confidentiality of secret information manipulated by a program. Noninterference verification mechanisms are usually based on static analyses and, to a lesser extent, on dynamic analyses. In contrast to those works, this paper proposes an information flow testing mechanism. This mechanism is sound from the point of view of noninterference. It is based on standard testing techniques and on a combination of dynamic and static analyses. Concretely, a semantics integrating a dynamic information flow analysis is proposed. This analysis makes use of static analyses results. This special semantics is built such that, once a path coverage property has been achieved on a program, a sound conclusion regarding the noninterfering behavior of the program can be established.

a – Kansas State University
1 : LANDE (INRIA - IRISA)
CNRS : UMR6074 – INRIA – Institut National des Sciences Appliquées (INSA) - Rennes – Université de Rennes 1

inria-00198595, version 1
http://hal.inria.fr/inria-00198595
oai:hal.inria.fr:inria-00198595
Contributeur : Gurvan Le Guernic <>
Soumis le : Lundi 17 Décembre 2007, 15:56:33
Dernière modification le : Lundi 17 Décembre 2007, 16:07:43

Voir la fiche détaillée

Documents associés

PDF :

DOI : 10.1007/978-3-540-76929-3_4

Exporter

Bibtex EndNote TEI RefWorks

%F inria-00198595, version 1
%0 Conference Proceedings
%U http://hal.inria.fr/inria-00198595
%2 INFO:INFO_PL;INFO:INFO_CR
%T Information Flow Testing
%A Le Guernic, Gurvan
%+ LANDE - INRIA - IRISA
%X Noninterference, which is an information flow property, is typically used as a baseline security policy to formalize confidentiality of secret information manipulated by a program. Noninterference verification mechanisms are usually based on static analyses and, to a lesser extent, on dynamic analyses. In contrast to those works, this paper proposes an information flow testing mechanism. This mechanism is sound from the point of view of noninterference. It is based on standard testing techniques and on a combination of dynamic and static analyses. Concretely, a semantics integrating a dynamic information flow analysis is proposed. This analysis makes use of static analyses results. This special semantics is built such that, once a path coverage property has been achieved on a program, a sound conclusion regarding the noninterfering behavior of the program can be established.
%2 D.: Software/D.4: OPERATING SYSTEMS/D.4.6: Security and Protection/D.4.6.3: Information flow controls, D.: Software/D.2: SOFTWARE ENGINEERING/D.2.5: Testing and Debugging, F.: Theory of Computation/F.3: LOGICS AND MEANINGS OF PROGRAMS/F.3.2: Semantics of Programming Languages/F.3.2.5: Program analysis, K.: Computing Milieux/K.4: COMPUTERS AND SOCIETY/K.4.1: Public Policy Issues/K.4.1.5: Privacy, D.: Software/D.2: SOFTWARE ENGINEERING/D.2.4: Software/Program Verification/D.2.4.3: Formal methods, D.: Software/D.2: SOFTWARE ENGINEERING/D.2.4: Software/Program Verification/D.2.4.8: Validation, D.: Software/D.3: PROGRAMMING LANGUAGES/D.3.1: Formal Definitions and Theory/D.3.1.0: Semantics
%G Anglais
%8 2007-00-00
%2 internationale
%B Annual Asian Computing Science Conference
%2 Doha
%2 Qatar
%8 2007-12-09
%2 Carnegie Mellon University Qatar Campus
%E Cervesato, Iliano
%I Springer
%2 Advances in Computer Science – ASIAN 2007. Computer and Network Security
%V 4846
%N Lecture Notes in Computer Science
%R 10.1007/978-3-540-76929-3_4
%K Noninterference; Testing; Confidentiality; Information Flow