Automata-based Confidentiality Monitoring
2006 (English)In: ADVANCES IN COMPUTER SCIENCE - ASIAN 2006: SECURE SOFTWARE AND RELATED ISSUES / [ed] Okada, M, Springer Berlin/Heidelberg, 2006, 75-89 p.Conference paper (Refereed)
Non-interference is typically used as a baseline security policy to formalize confidentiality of secret information manipulated by a program. In contrast to static checking of non-interference, this paper considers dynamic, automaton-based, monitoring of information flow for a single execution of a sequential program. The mechanism is based on a combination of dynamic and static analyses. During program execution, abstractions of program events are sent to the automaton, which uses the abstractions to track information flows and to control the execution by forbidding or editing dangerous actions. The mechanism proposed is proved to be sound, to preserve executions of well-typed programs (in the security type system of Volpano, Smith and Irvine), and to preserve some safe executions of ill-typed programs.
Place, publisher, year, edition, pages
Springer Berlin/Heidelberg, 2006. 75-89 p.
, Lecture Notes In Computer Science, ISSN 0302-9743 ; 4435
Computer and Information Science
IdentifiersURN: urn:nbn:se:kth:diva-50705DOI: 10.1007/978-3-540-77505-8_7ISI: 000253273700007ISBN: 978-3-540-77504-1OAI: oai:DiVA.org:kth-50705DiVA: diva2:462626
11th Asian Computing Science Conference Location: Tokyo, JAPAN Date: DEC 06-08, 2006
QC 201112082011-12-072011-12-072011-12-08Bibliographically approved