CPL - Chalmers Publication Library
| Utbildning | Forskning | Styrkeområden | Om Chalmers | In English In English Ej inloggad.

Value Sensitivity and Observable Abstract Values for Information Flow Control

Luciano Bello (Institutionen för data- och informationsteknik, Programvaruteknik (Chalmers)) ; Daniel Hedin (Institutionen för data- och informationsteknik, Programvaruteknik (Chalmers)) ; Andrei Sabelfeld (Institutionen för data- och informationsteknik, Programvaruteknik (Chalmers))
Lecture Notes in Computer Science. Proceedings of the International Conferences on Logic for Programming, Artificial Intelligence and Reasoning (LPAR) (0302-9743). Vol. 9450 (2015), p. 63-78.
[Konferensbidrag, refereegranskat]

Much progress has recently been made on information flow control, enabling the enforcement of increasingly rich policies for increasingly expressive programming languages. This has resulted in tools for mainstream programming languages as JavaScript, Java, Caml, and Ada that enforce versatile security policies. However, a roadblock on the way to wider adoption of these tools has been their limited permissiveness (high number of false positives). Flow-, context-, and object-sensitive techniques have been suggested to improve the precision of static information flow control and dynamic monitors have been explored to leverage the knowledge about the current run for precision. This paper explores value sensitivity to boost the permissiveness of information flow control.We show that both dynamic and hybrid information flow mechanisms benefit from value sensitivity. Further, we introduce the concept of observable abstract values to generalize and leverage the power of value sensitivity to richer programming languages. We demonstrate the usefulness of the approach by comparing it to known disciplines for dealing with information flow in dynamic and hybrid settings.



Den här publikationen ingår i följande styrkeområden:

Läs mer om Chalmers styrkeområden  

Denna post skapades 2015-12-04. Senast ändrad 2016-11-02.
CPL Pubid: 227240

 

Läs direkt!


Länk till annan sajt (kan kräva inloggning)