Skip to Main content Skip to Navigation

A sound dependency analysis for secure information flow (extended version)

Abstract : In this paper we present a flow-sensitive analysis for secure information flow for Java bytecode. Our approach consists in computing, at different program points, a dependency graph which tracks how input values of a method may influence its outputs. This computation subsumes a points-to analysis (reflecting how objects depend on each others) by addressing dependencies arising from data of primitive type and from the control flow of the program. Our graph construction is proved to be sound by establishing a non-interference theorem stating that an output value is unrelated with an input one in the dependency graph if the output remains unchanged when the input is modified. In contrast with many type-based information flow techniques, our approach does not require security levels to be known during the computation of the graph: security aspects of information flow are checked by labeling "a posteriori" the dependency graph with security levels.
Document type :
Complete list of metadata

Cited literature [21 references]  Display  Hide  Download
Contributor : Dorina Ghindici Connect in order to contact the contributor
Submitted on : Tuesday, November 6, 2007 - 11:03:26 AM
Last modification on : Thursday, February 24, 2022 - 3:10:15 AM
Long-term archiving on: : Thursday, September 23, 2010 - 4:03:21 PM


Files produced by the author(s)


  • HAL Id : inria-00185263, version 3


Dorina Ghindici, Isabelle Simplot-Ryl, Jean-Marc Talbot. A sound dependency analysis for secure information flow (extended version). [Research Report] RT-0347, INRIA. 2007. ⟨inria-00185263v3⟩



Record views


Files downloads