Securing information flow via dynamic capture of dependencies

Securing information flow via dynamic capture of dependencies

Although static systems for information flow security are well studied, few works address runtime information flow monitoring. Runtime information flow control offers distinct advantages in precision and in the ability to support dynamically defined policies. To this end, we here develop a new runti...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Journal of computer security 2008-01, Vol.16 (5), p.637-688
Hauptverfasser: Shroff, Paritosh, Smith, Scott F., Thober, Mark
Format: Artikel
Sprache:eng
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Although static systems for information flow security are well studied, few works address runtime information flow monitoring. Runtime information flow control offers distinct advantages in precision and in the ability to support dynamically defined policies. To this end, we here develop a new runtime information flow system based on the runtime tracking of indirect dependencies between program points. Our system tracks both direct and indirect information flows, and noninterference results are proved.
ISSN:0926-227X
1875-8924
DOI:10.3233/JCS-2008-0335