Monitoring Information Flow

Gurvan Le Guernic 1, 2 Thomas Jensen 1
1 Lande - Logiciel : ANalyse et DEveloppement
IRISA - Institut de Recherche en Informatique et Systèmes Aléatoires, Inria Rennes – Bretagne Atlantique
Abstract : We present an information flow monitoring mechanism for sequential programs. The monitor executes a program on standard data that are tagged with labels indicating their security level. We formalize the monitoring mechanism as a big-step operational semantics that integrates a static information flow analysis to gather information flow properties of non-executed branches of the program. Using the information flow monitoring mechanism, it is then possible to partition the set of all executions in two sets. The first one contains executions which "are safe" and the other one contains executions which "may be unsafe". Based on this information, we show that, by resetting the value of some output variables, it is possible to alter the behavior of executions belonging to the second set in order to ensure the confidentiality of secret data.
Complete list of metadatas

Cited literature [27 references]  Display  Hide  Download

https://hal.inria.fr/inria-00001218
Contributor : Gurvan Le Guernic <>
Submitted on : Friday, April 7, 2006 - 3:51:23 PM
Last modification on : Friday, November 16, 2018 - 1:22:52 AM
Long-term archiving on : Saturday, April 3, 2010 - 11:08:36 PM

Identifiers

  • HAL Id : inria-00001218, version 1

Citation

Gurvan Le Guernic, Thomas Jensen. Monitoring Information Flow. Workshop on Foundations of Computer Security - FCS'05, Jul 2005, Chicago/USA, pp.19--30. ⟨inria-00001218⟩

Share

Metrics

Record views

638

Files downloads

468