A sound dependency analysis for secure information flow (extended version)

Abstract : In this paper we present a flow-sensitive analysis for secure information flow for Java bytecode. Our approach consists in computing, at different program points, a dependency graph which tracks how input values of a method may influence its outputs. This computation subsumes a points-to analysis (reflecting how objects depend on each others) by addressing dependencies arising from data of primitive type and from the control flow of the program. Our graph construction is proved to be sound by establishing a non-interference theorem stating that an output value is unrelated with an input one in the dependency graph if the output remains unchanged when the input is modified. In contrast with many type-based information flow techniques, our approach does not require security levels to be known during the computation of the graph: security aspects of information flow are checked by labeling "a posteriori" the dependency graph with security levels.
Type de document :
[Research Report] RT-0347, INRIA. 2007
Liste complète des métadonnées

Littérature citée [21 références]  Voir  Masquer  Télécharger

Contributeur : Dorina Ghindici <>
Soumis le : mardi 6 novembre 2007 - 11:03:26
Dernière modification le : vendredi 9 mars 2018 - 11:25:20
Document(s) archivé(s) le : jeudi 23 septembre 2010 - 16:03:21


Fichiers produits par l'(les) auteur(s)


  • HAL Id : inria-00185263, version 3



Dorina Ghindici, Isabelle Simplot-Ryl, Jean-Marc Talbot. A sound dependency analysis for secure information flow (extended version). [Research Report] RT-0347, INRIA. 2007. 〈inria-00185263v3〉



Consultations de la notice


Téléchargements de fichiers