TY - GEN
T1 - Calculational design of information flow monitors
AU - Assaf, Mounir
AU - Naumann, David A.
N1 - Publisher Copyright:
© 2016 IEEE.
PY - 2016/8/8
Y1 - 2016/8/8
AB - Fine grained information flow monitoring can in principle address a wide range of security and privacy goals, for example in web applications. But it is very difficult to achieve sound monitoring with acceptable runtime cost and sufficient precision to avoid impractical restrictions on programs and policies. We present a systematic technique for design of monitors that are correct by construction. It encompasses policies with downgrading. The technique is based on abstract interpretation which is a standard basis for static analysis of programs. This should enable integration of a wide range of analysis techniques, enabling more sophisticated engineering of monitors to address the challenges of precision and scaling to widely used programming languages.
UR - http://www.scopus.com/inward/record.url?scp=84985930960&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84985930960&partnerID=8YFLogxK
U2 - 10.1109/CSF.2016.22
DO - 10.1109/CSF.2016.22
M3 - Conference contribution
AN - SCOPUS:84985930960
T3 - Proceedings - IEEE Computer Security Foundations Symposium
SP - 210
EP - 224
BT - Proceedings - IEEE 29th Computer Security Foundations Symposium, CSF 2016
T2 - 29th IEEE Computer Security Foundations Symposium, CSF 2016
Y2 - 27 June 2016 through 1 July 2016
ER -