A Better Facet of Dynamic Information Flow Control
Résumé
Multiple Facets (MF) is a dynamic enforcement mechanism which has proved to be a good fit for implementing information flow security for JavaScript. It relies on multi executing the program, once per each security level or view, to achieve soundness. By looking inside programs, MF encodes the views to reduce the number of needed multi-executions.
In this work, we extend Multiple Facets in three directions. First, we propose a new version of MF for arbitrary lattices, called Gener-alised Multiple Facets, or GMF. GMF strictly generalizes MF, which was originally proposed for a specific lattice of principals. Second, we propose a new optimization on top of GMF that further reduces the number of executions. Third, we strengthen the security guarantees provided by Multiple Facets by proposing a termination sensitive version that eliminates covert channels due to termination .
Origine : Fichiers produits par l'(les) auteur(s)
Loading...