CPL - Chalmers Publication Library
| Utbildning | Forskning | Styrkeområden | Om Chalmers | In English In English Ej inloggad.

Timing Aware Information Flow Security for a JavaCard-like Bytecode

Daniel Hedin (Institutionen för data- och informationsteknik, Datavetenskap (Chalmers)) ; David Sands (Institutionen för data- och informationsteknik, Datavetenskap (Chalmers))
Electronic Notes in Theoretical Computer Science, Proceedings of the First Workshop on Bytecode Semantics, Verification, Analysis and Transformation (Bytecode 2005) (1571-0661). Vol. 141 (2005), 1, p. 163-182.
[Konferensbidrag, refereegranskat]

Common protection mechanisms fail to provide end-to-end security; programs with legitimate access to secret information are not prevented from leaking this to the world. Information-flow aware analyses track the flow of information through the program to prevent such leakages, but often ignore information flows through covert channels even though they pose a serious threat. A typical covert channel is to use the timing of certain events to carry information. We present a timing-aware information-flow type system for a low-level language similar to a non-trivial subset of a sequential Java bytecode. The type system is parameterized over the time model of the instructions of the language and over the algorithm enforcing low-observational equivalence, used in the prevention of implicit and timing flows.



Denna post skapades 2006-08-25. Senast ändrad 2013-06-03.
CPL Pubid: 12372

 

Läs direkt!


Länk till annan sajt (kan kräva inloggning)


Institutioner (Chalmers)

Institutionen för data- och informationsteknik, Datavetenskap (Chalmers)

Ämnesområden

Teoretisk datalogi

Chalmers infrastruktur

Relaterade publikationer

Denna publikation ingår i:


Language Based Covert Channel Avoidance