Mark Thober scite author profile

This paper focuses on improving the usability of information flow type systems. We present a static information flow type inference system for Middleweight Java (MJ) which automatically infers information flow labels, thus avoiding the need for a multitude of program annotations. Additionally, policies need only be specified on IO channels, the critical flow boundary. Our type system includes a high degree of parametric polymorphism, necessary to allow classes to be used in multiple security contexts, and to properly distinguish the security policies of different IO channels.We prove a noninterference property for programs that interactively input and output data. We then describe a mechanism that allows users to define top-level policies, which automatically inserts the security policies at the proper points in the program. This provides the further benefit that whomever is defining the policy does not necessarily need intimate knowledge of the program source.

show abstract

Refactoring programs to secure information flows

Smith

Thober

2006

View full text Add to dashboard Cite

Adding a sound information flow security policy to an existing program is a difficult task that requires major analysis of and changes to the program. In this paper we show how refactoring programs into distinct components of high and low security is a useful methodology to aid in the production of programs with sound information flow policies. Our methodology proceeds as follows. Given a program with no information flow controls, a program slicer is used to identify code that depends on high security inputs. High security code so identified is then refactored into a separate component, which may be accessed by the low security component via public method calls. A security policy that labels input data and checks the output points can then enforce the desired end-to-end security property. Controlled information releases can occur at explicit declassification points if deemed safe. The result is a wellengineered program with explicit interfaces between components of different security levels.

show abstract

Improving coherency of runtime integrity measurement

Thober

Pendergrass

McDonell

2008

View full text Add to dashboard Cite

Recent work in software integrity verification provides techniques for measuring integrity at runtime, where a measurement agent observes the memory image of a running process and constructs some meaningful description of the process's current state. Unlike in static and load time measurement architectures, the target of a runtime measurement is running and hence able to change its state. In this setting, an accurate measurement must reflect a coherent state of the target. A coherent measurement must satisfy two properties: atomicity ensures that a measurement corresponds to the state of the target at a particular point in time and quiescence ensures that the target data is in a consistent state, i.e. not a critical section. We address the former property, showing that we can obtain an atomic measurement using a memory copy-on-write strategy, which we have implemented in the Xen hypervisor. We show that this approach achieves significant performance gains in the memory and time impact to the target, when compared with naive strategies for enforcing atomicity.

show abstract

Securing information flow via dynamic capture of dependencies

Shroff

Smith

Thober

2008

JCS

View full text Add to dashboard Cite

Although static systems for information flow security are well studied, few works address runtime information flow monitoring. Runtime information flow control offers distinct advantages in precision and in the ability to support dynamically defined policies. To this end, we here develop a new runtime information flow system based on the runtime tracking of indirect dependencies between program points. Our system tracks both direct and indirect information flows, and noninterference results are proved.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Mark Thober

Dynamic Dependency Monitoring to Secure Information Flow

Improving usability of information flow security in java

Refactoring programs to secure information flows

Improving coherency of runtime integrity measurement

Securing information flow via dynamic capture of dependencies

Contact Info

Product

Resources

About