Skip to Main content Skip to Navigation
Conference papers

A sound analysis for secure information flow using abstract memory graph

Abstract : In this paper we present a flow-sensitive analysis for secure informa- tion flow for Java bytecode. Our approach consists of computing, at all program points, an abstract memory graph (AMG) which tracks how input values of a method may influence its outputs. This computation subsumes a points-to anal- ysis (reflecting how objects depend on each other) by addressing dependencies arising from data of primitive types and from the control flow of the program. Our graph construction is proved to be sound for both intra-procedural and inter- procedural analysis by establishing a non-interference theorem stating that if an output value is unrelated to an input one in the AMG then the output remains un- changed when the input is modified. In contrast with many type-based informa- tion flow techniques, our approach does not require security levels to be known during the computation of the graph: security aspects of information flow are checked by labeling ”a posteriori” the AMG with security levels.
Document type :
Conference papers
Complete list of metadata
Contributor : Isabelle Simplot-Ryl Connect in order to contact the contributor
Submitted on : Thursday, December 9, 2010 - 11:44:35 AM
Last modification on : Thursday, February 24, 2022 - 3:10:14 AM

Links full text




Dorina Ghindici, Isabelle Simplot-Ryl, Jean-Marc Talbot. A sound analysis for secure information flow using abstract memory graph. Proc. 3rd IPM International Conference on Fundamentals of Software Engineering, FSEN 2009, Revised Selected papers, 2010, Kish Island, Persian Gulf, Iran, Iran. pp.355--370, ⟨10.1007/978-3-642-11623-0_21⟩. ⟨inria-00544943⟩



Record views