Information Flow Testing

Gurvan Le Guernic
Lande - Logiciel : ANalyse et DEveloppement, IRISA - Institut de Recherche en Informatique et Systèmes Aléatoires, Inria Rennes – Bretagne Atlantique
Abstract: Noninterference, an information flow property, is typically used as a baseline security policy to formalize the confidentiality of secret information manipulated by a program. Noninterference verification mechanisms are usually based on static analyses and, to a lesser extent, on dynamic analyses. In contrast to those works, this paper proposes an information flow testing mechanism. This mechanism is sound from the point of view of noninterference. It is based on standard testing techniques and on a combination of dynamic and static analyses. Concretely, a semantics integrating a dynamic information flow analysis is proposed. This analysis makes use of the results of static analyses. This special semantics is built such that, once a path coverage property has been achieved on a program, a sound conclusion regarding the noninterfering behavior of the program can be established.

https://hal.inria.fr/inria-00198595
Contributor: Gurvan Le Guernic
Submitted on: Monday, December 17, 2007 - 3:56:33 PM
Last modification on: Friday, November 16, 2018 - 1:31:19 AM
Long-term archiving on: Thursday, September 27, 2012 - 11:36:00 AM

File

noninterferenceTesting.pdf
Files produced by the author(s)

Citation

Gurvan Le Guernic. Information Flow Testing. Annual Asian Computing Science Conference, Carnegie Mellon University Qatar Campus, Dec 2007, Doha, Qatar. ⟨10.1007/978-3-540-76929-3_4⟩. ⟨inria-00198595⟩
