Abstract : We present a novel progress-sensitive, flow-sensitive hybrid information-flow control monitor for an imperative interactive language. Progress-sensitive information-flow control is a strong information security guarantee which ensures that a program’s progress (or lack of) does not leak information. Flow-sensitivity means that this strong security guarantee is enforced fairly precisely: we track information flow according to the source of information and not to an a priori given variable security level. We illustrate our approach on an imperative interactive language. Our hybrid monitor is inlined: source programs are translated, by a type-based analysis, into a target language that supports dynamic security levels. A key benefit of this is that the resulting monitored program is amenable to standard optimization techniques such as partial evaluation.
https://hal.inria.fr/hal-01369568 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Wednesday, September 21, 2016 - 10:58:42 AM Last modification on : Monday, July 20, 2020 - 1:06:04 PM Long-term archiving on: : Thursday, December 22, 2016 - 12:43:54 PM
Andrew Bedford, Stephen Chong, Josée Desharnais, Nadia Tawbi. A Progress-Sensitive Flow-Sensitive Inlined Information-Flow Control Monitor. 31st IFIP International Information Security and Privacy Conference (SEC), May 2016, Ghent, Belgium. pp.352-366, ⟨10.1007/978-3-319-33630-5_24⟩. ⟨hal-01369568⟩