Skip to Main content Skip to Navigation
New interface
Conference papers

A Taxonomy of Information Flow Monitors

Nataliia Bielova 1 Tamara Rezk 1 
1 INDES - Secure Diffuse Programming
CRISAM - Inria Sophia Antipolis - Méditerranée
Abstract : We propose a rigorous comparison of information flow monitors with respect to two dimensions: soundness and transparency. For soundness, we notice that the standard information flow security definition called Termination-Insensitive Noninterference (TINI) allows the presence of termination channels, however it does not describe whether the termination channel was present in the original program, or it was added by a monitor. We propose a stronger notion of noninterference, that we call Termination-Aware Noninterference (TANI), that captures this fact, and thus allows us to better evaluate the security guarantees of different monitors. We further investigate TANI, and state its formal relations to other soundness guarantees of information flow monitors. For transparency, we identify different notions from the literature that aim at comparing the behaviour of monitors. We notice that one common notion used in the literature is not adequate since it identifies as better a monitor that accepts insecure executions, and hence may augment the knowledge of the attacker. To discriminate between monitors' behaviours on secure and insecure executions, we factorized two notions that we call true and false transparency. These notions allow us to compare monitors that were deemed to be incomparable in the past. We analyse five widely explored information flow monitors: no-sensitive-upgrade (NSU), permissive-upgrade (PU), hybrid monitor (HM), secure multi-execution (SME), and multiple facets (MF).
Complete list of metadata

Cited literature [31 references]  Display  Hide  Download
Contributor : Nataliia Bielova Connect in order to contact the contributor
Submitted on : Friday, July 22, 2016 - 3:26:23 PM
Last modification on : Saturday, June 25, 2022 - 11:20:55 PM


Files produced by the author(s)




Nataliia Bielova, Tamara Rezk. A Taxonomy of Information Flow Monitors. International Conference on Principles of Security and Trust (POST 2016), Apr 2016, Eindhoven, Netherlands. pp.46--67, ⟨10.1007/978-3-662-49635-0_3⟩. ⟨hal-01348188⟩



Record views


Files downloads