A Better Facet of Dynamic Information Flow Control

Abstract : Multiple Facets (MF) is a dynamic enforcement mechanism which has proved to be a good fit for implementing information flow security for JavaScript. It relies on multi executing the program, once per each security level or view, to achieve soundness. By looking inside programs, MF encodes the views to reduce the number of needed multi-executions. In this work, we extend Multiple Facets in three directions. First, we propose a new version of MF for arbitrary lattices, called Gener-alised Multiple Facets, or GMF. GMF strictly generalizes MF, which was originally proposed for a specific lattice of principals. Second, we propose a new optimization on top of GMF that further reduces the number of executions. Third, we strengthen the security guarantees provided by Multiple Facets by proposing a termination sensitive version that eliminates covert channels due to termination .
Complete list of metadatas

Cited literature [38 references]  Display  Hide  Download

https://hal.inria.fr/hal-01723723
Contributor : Minh Ngo <>
Submitted on : Monday, March 5, 2018 - 4:56:35 PM
Last modification on : Wednesday, August 7, 2019 - 12:18:47 PM
Long-term archiving on : Wednesday, June 6, 2018 - 4:14:10 PM

File

main-hal.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01723723, version 1

Collections

Citation

Minh Ngo, Nataliia Bielova, Cormac Flanagan, Tamara Rezk, Alejandro Russo, et al.. A Better Facet of Dynamic Information Flow Control. WWW '18 Companion: The 2018 Web Conference Companion, Apr 2018, Lyon, France. pp.1-9. ⟨hal-01723723⟩

Share

Metrics

Record views

699

Files downloads

165