A Type System for Computationally Secure Information Flow

2005 ◽  
pp. 365-377 ◽  
Author(s):  
Peeter Laud ◽  
Varmo Vene
Keyword(s):  
Information Flow ◽  
Type System ◽  
Secure Information

scholarly journals A permission-dependent type system for secure information flow analysis

2021 ◽  
pp. 1-68
Author(s):  
Zhiwu Xu ◽  
Hongxu Chen ◽  
Alwen Tiu ◽  
Yang Liu ◽  
Kunal Sareen
Keyword(s):  
Information Flow ◽  
Flow Analysis ◽  
Type System ◽  
Information Leakage ◽  
Inference Problem ◽  
Ordered Binary Decision Diagrams ◽  
Information Flow Analysis ◽  
Secure Information ◽  
Android Applications ◽  
Android Permission

We introduce a novel type system for enforcing secure information flow in an imperative language. Our work is motivated by the problem of statically checking potential information leakage in Android applications. To this end, we design a lightweight type system featuring Android permission model, where the permissions are statically assigned to applications and are used to enforce access control in the applications. We take inspiration from a type system by Banerjee and Naumann to allow security types to be dependent on the permissions of the applications. A novel feature of our type system is a typing rule for conditional branching induced by permission testing, which introduces a merging operator on security types, allowing more precise security policies to be enforced. The soundness of our type system is proved with respect to non-interference. A type inference algorithm is also presented for the underlying security type system, by reducing the inference problem to a constraint solving problem in the lattice of security types. In addition, a new way to represent our security types as reduced ordered binary decision diagrams is proposed.

A uniform type structure for secure information flow

2002 ◽  
Vol 37 (1) ◽  
pp. 81-92 ◽  
Author(s):  
Kohei Honda ◽  
Nobuko Yoshida
Keyword(s):  
Information Flow ◽  
Type Structure ◽  
Secure Information

scholarly journals GARUDA: Designing Energy-Efficient Hardware Monitors From High-Level Policies for Secure Information Flow

2018 ◽  
Vol 37 (11) ◽  
pp. 2509-2518
Author(s):  
Seaghan Sefton ◽  
Taiman Siddiqui ◽  
Nathaniel St. Amour ◽  
Gordon Stewart ◽  
Avinash Karanth Kodi
Keyword(s):  
Information Flow ◽  
Energy Efficient ◽  
Secure Information ◽  
High Level

scholarly journals A Method for Model-Driven Information Flow Security

2012 ◽  
pp. 199-229 ◽  
Author(s):  
Fredrik Seehusen ◽  
Ketil Stølen
Keyword(s):  
Software Development ◽  
Information Flow ◽  
System Architecture ◽  
Security Requirements ◽  
State Machines ◽  
Flow Properties ◽  
Information Flow Security ◽  
Software Developer ◽  
Model Driven ◽  
Secure Information

We present a method for software development in which information flow security is taken into consideration from start to finish. Initially, the user of the method (i.e., a software developer) specifies the system architecture and selects a set of security requirements (in the form of secure information flow properties) that the system must adhere to. The user then specifies each component of the system architecture using UML inspired state machines, and refines/transforms these (abstract) state machines into concrete state machines. It is shown that if the abstract specification adheres to the security requirements, then so does the concrete one provided that certain conditions are satisfied.

Sign in / Sign up

Export Citation Format

Share Document