Noninterference via Symbolic Execution

Abstract : Noninterference is a high-level security property that guarantees the absence of illicit information flow at runtime. Noninterference can be enforced statically using information flow type systems; however, these are criticized for being overly conservative and rejecting secure programs. More precision can be achieved by using program logics, but such an approach lacks its own verification tools. In this work we propose a novel, alternative approach: utilizing symbolic execution in combination with ideas from program logics in an attempt to increase the precision of analyses and automate noninterference testing. Dealing with policies incorporating declassification is also explored. The feasibility of the proposal is illustrated using a prototype tool based on the KLEE symbolic execution engine.
Type de document :
Communication dans un congrès
Holger Giese; Grigore Rosu. 14th International Conference on Formal Methods for Open Object-Based Distributed Systems (FMOODS) / 32nd International Conference on Formal Techniques for Networked and Distributed Systems (FORTE), Jun 2012, Stockholm, Sweden. Springer, Lecture Notes in Computer Science, LNCS-7273, pp.152-168, 2012, Formal Techniques for Distributed Systems. 〈10.1007/978-3-642-30793-5_10〉
Liste complète des métadonnées

Littérature citée [23 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01528732
Contributeur : Hal Ifip <>
Soumis le : lundi 29 mai 2017 - 15:53:57
Dernière modification le : lundi 29 mai 2017 - 15:55:36
Document(s) archivé(s) le : mercredi 6 septembre 2017 - 11:26:40

Fichier

978-3-642-30793-5_10_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Dimiter Milushev, Wim Beck, Dave Clarke. Noninterference via Symbolic Execution. Holger Giese; Grigore Rosu. 14th International Conference on Formal Methods for Open Object-Based Distributed Systems (FMOODS) / 32nd International Conference on Formal Techniques for Networked and Distributed Systems (FORTE), Jun 2012, Stockholm, Sweden. Springer, Lecture Notes in Computer Science, LNCS-7273, pp.152-168, 2012, Formal Techniques for Distributed Systems. 〈10.1007/978-3-642-30793-5_10〉. 〈hal-01528732〉

Partager

Métriques

Consultations de la notice

62

Téléchargements de fichiers

30