A progress-sensitive flow-sensitive inlined information-flow control monitor (extended version)

•We present a novel progress-sensitive, flow-sensitive hybrid information-flow control monitor for an imperative language.•Our hybrid monitor is inlined: source programs are translated into a target language that supports dynamic security levels.•Our hybrid monitor uses sets of levels to track the different possible security types of variables.•We prove that our monitor is sound and that the semantics of the original program is preserved. We present a novel progress-sensitive, flow-sensitive hybrid information-flow control monitor for an imperative interactive language. Progress-sensitive information-flow control is a strong information security guarantee which ensures that a program's progress (or lack of) does not leak information. Flow-sensitivity means that this strong security guarantee is enforced fairly precisely: our monitor tracks information flow per variable and per program point. We illustrate our approach on an imperative interactive language. Our hybrid monitor is inlined: source programs are translated, by a type-based analysis, into a target language that supports dynamic security levels. A key benefit of this is that the resulting monitored program is amenable to standard optimization techniques such as partial evaluation. One of the distinguishing features of our hybrid monitor is that it uses sets of levels to track the different possible security types of variables. This feature allows us to distinguish outputs that never leak information from those that may leak information.