Monitoring Information Flow
2006 (English)In: Proceedings of the Workshop on Foundations of Computer Security, 2006, 19-30 p.Conference paper (Refereed)
We present an information flow monitoring mechanism for sequential programs. The monitor executes a program on standard data that are tagged with labels indicating their security level. We formalize the monitoring mechanism as a big-step operational semantics that integrates a static information flow analysis to gather information flow properties of non-executed branches of the program. Using the information flow monitoring mechanism, it is then possible to partition the set of all executions in two sets. The first one contains executions which are safe and the other one contains executions which may be unsafe. Based on this information, we show that, by resetting the value of some output variables, it is possible to alter the behavior of executions belonging to the second set in order to ensure the confidentiality of secret data.
Place, publisher, year, edition, pages
2006. 19-30 p.
Computer and Information Science
IdentifiersURN: urn:nbn:se:kth:diva-50768OAI: oai:DiVA.org:kth-50768DiVA: diva2:462642
Workshop on Foundations of Computer Security, FCS´05, Chicago, USA
QC 201112082011-12-072011-12-072011-12-08Bibliographically approved