中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 会议论文
Title:
a multi-compositional enforcement on information flow security
Author: Sun Cong ; Zhai Ennan ; Chen Zhong ; Ma Jianfeng
Source: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Conference Name: 13th International Conference on Information and Communications Security, ICICS 2011
Conference Date: November 2
Issued Date: 2011
Conference Place: Beijing, China
Keyword: Abstracting ; Flow control ; Public policy ; Static analysis
Indexed Type: EI
ISSN: 0302-9743
ISBN: 9783642252426
Department: (1) Key Lab. of Computer Networks and Information Security Xidian Univ. MoE China; (2) Key Lab. of High Confidence Software Technologies Peking Univ. MoE China; (3) Key Lab. of Network and Software Security Assurance Peking Univ. MoE China; (4) Institute of Software Chinese Academy of Sciences China
Sponsorship: National Natural Science Foundation of China (NNSFC); The Microsoft Corporation; Beijing Tip Technology Corporation; Trusted Computing Group (TCG)
Abstract: Interactive/Reactive computational model is known to be proper abstraction of many pervasively used systems, such as client-side web-based applications. The critical task of information flow control mechanisms aims to determine whether the interactive program can guarantee the confidentiality of secret data. We propose an efficient and flow-sensitive static analysis to enforce information flow policy on program with interactive I/Os. A reachability analysis is performed on the abstract model after a form of transformation, called multi-composition, to check the conformance with the policy. In the multi-composition we develop a store-match pattern to avoid duplicating the I/O channels in the model, and use the principle of secure multi-execution to generalize the security lattice model which is supported by other approaches based on automated verification. We also extend our approach to support a stronger version of termination-insensitive noninterference. The results of preliminary experiments show that our approach is more precise than existing flow-sensitive analysis and the cost of verification is reduced through the store-match pattern. © 2011 Springer-Verlag.
English Abstract: Interactive/Reactive computational model is known to be proper abstraction of many pervasively used systems, such as client-side web-based applications. The critical task of information flow control mechanisms aims to determine whether the interactive program can guarantee the confidentiality of secret data. We propose an efficient and flow-sensitive static analysis to enforce information flow policy on program with interactive I/Os. A reachability analysis is performed on the abstract model after a form of transformation, called multi-composition, to check the conformance with the policy. In the multi-composition we develop a store-match pattern to avoid duplicating the I/O channels in the model, and use the principle of secure multi-execution to generalize the security lattice model which is supported by other approaches based on automated verification. We also extend our approach to support a stronger version of termination-insensitive noninterference. The results of preliminary experiments show that our approach is more precise than existing flow-sensitive analysis and the cost of verification is reduced through the store-match pattern. © 2011 Springer-Verlag.
Language: 英语
Content Type: 会议论文
URI: http://ir.iscas.ac.cn/handle/311060/16226
Appears in Collections:软件所图书馆_会议论文

Files in This Item:

There are no files associated with this item.


Recommended Citation:
Sun Cong,Zhai Ennan,Chen Zhong,et al. a multi-compositional enforcement on information flow security[C]. 见:13th International Conference on Information and Communications Security, ICICS 2011. Beijing, China. November 2.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[Sun Cong]'s Articles
[Zhai Ennan]'s Articles
[Chen Zhong]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[Sun Cong]‘s Articles
[Zhai Ennan]‘s Articles
[Chen Zhong]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2020  中国科学院软件研究所 - Feedback
Powered by CSpace