2007
DOI: 10.1007/978-3-540-77505-8_7
|View full text |Cite
|
Sign up to set email alerts
|

Automata-Based Confidentiality Monitoring

Abstract: Non-interference is typically used as a baseline security policy to formalize confidentiality of secret information manipulated by a program. In contrast to static checking of non-interference, this paper considers dynamic, automaton-based, monitoring of information flow for a single execution of a sequential program. The monitoring mechanism is based on a combination of dynamic and static analyses. During program execution, abstractions of program events are sent to the automaton, which uses the abstractions … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

1
83
0

Year Published

2010
2010
2019
2019

Publication Types

Select...
6
3

Relationship

0
9

Authors

Journals

citations
Cited by 68 publications
(84 citation statements)
references
References 31 publications
1
83
0
Order By: Relevance
“…Also, in addition to support information flow analysis, our framework also allows us to verify many other properties such as deadlock-freedom [35]. Guernic et al [21] present an automata-based dynamic information flow analysis technique, while the information flow analysis technique presented in this paper is a static analysis technique. Information flow analysis has also been applied to programs (e.g.…”
Section: Related Workmentioning
confidence: 97%
“…Also, in addition to support information flow analysis, our framework also allows us to verify many other properties such as deadlock-freedom [35]. Guernic et al [21] present an automata-based dynamic information flow analysis technique, while the information flow analysis technique presented in this paper is a static analysis technique. Information flow analysis has also been applied to programs (e.g.…”
Section: Related Workmentioning
confidence: 97%
“…Le Guernic et al [8] present the rst hybrid information-ow control monitor. The enforcement is based on a monitor that is able to perform static checks during the execution.…”
Section: Instrumentation As a Type Systemmentioning
confidence: 99%
“…Dynamic mechanisms (e.g., [4]) accept or reject individual executions at runtime and thus can incur signicant runtime overheads. Hybrid informationow control techniques (e.g., [8]) combine static and dynamic program analysis and strive to achieve the benets of both: precise (i.e., per-execution) enforcement of security and low runtime overhead. We present a novel progress-sensitive [2], ow-sensitive hybrid informationow control monitor for an imperative interactive language.…”
Section: Introductionmentioning
confidence: 99%
“…Accordingly, we have seen renewed interest and substantial progress in research on dynamic information-flow control in recent years [3,11,19,20]. This research has aimed to develop, then to use, flexible and efficient systems that satisfy non-interference properties.…”
Section: Static and Dynamic Language-based Information-flow Controlmentioning
confidence: 99%