Skip to Main content Skip to Navigation
Reports

A sound dependency analysis for secure information flow (extended version)

Abstract : In this paper we present a flow-sensitive analysis for secure information flow for Java bytecode. Our approach consists in computing, at different program points, a dependency graph which tracks how input values of a method may influence its outputs. This computation subsumes a points-to analysis (reflecting how objects depend on each others) by addressing dependencies arising from data of primitive type and from the control flow of the program. Our graph construction is proved to be sound by establishing a non-interference theorem stating that an output value is unrelated with an input one in the dependency graph if the output remains unchanged when the input is modified. In contrast with many type-based information flow techniques, our approach does not require security levels to be known during the computation of the graph: security aspects of information flow are checked by labeling "a posteriori" the dependency graph with security levels.
Document type :
Reports
Complete list of metadata

Cited literature [21 references]  Display  Hide  Download

https://hal.inria.fr/inria-00185263
Contributor : Dorina Ghindici <>
Submitted on : Tuesday, November 6, 2007 - 11:03:26 AM
Last modification on : Thursday, April 8, 2021 - 3:13:49 AM
Long-term archiving on: : Thursday, September 23, 2010 - 4:03:21 PM

Files

RT-0347.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : inria-00185263, version 3

Collections

Citation

Dorina Ghindici, Isabelle Simplot-Ryl, Jean-Marc Talbot. A sound dependency analysis for secure information flow (extended version). [Research Report] RT-0347, INRIA. 2007. ⟨inria-00185263v3⟩

Share

Metrics

Record views

587

Files downloads

564