Secure Information Flow and Pointer Confinement in a Java-like Language

نویسندگان

Anindya Banerjee

David A. Naumann

چکیده

We consider a sequential object-oriented language with pointers and mutable state, private fields and classbased visibility, dynamic binding and inheritance, recursive classes, casts and type tests, and recursive methods. Programs are annotated with security levels, constrained by security typing rules. A noninterference theorem shows how the rules ensure pointer confinement and secure information flow.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A Static Analysis for Instance-based Confinement in Java

A semantic definition is given for instance-based pointer confinement (alias control); this provides a form of encapsulation suited to many object-oriented designs. A syntax-directed static analysis is defined and proved, using a compositional semantics, to imply semantic confinement. Previous work by the authors, reviewed here, shows that this notion of confinement ensures a strong information...

متن کامل

A Logic for Information Flow Analysis of Pointer Programs

This paper specifies a nontermination-insensitive, interprocedural, information flow analysis for objectoriented programs via a Hoare-like logic. Pointer aliasing is ubiquitous in such programs, and can potentially leak confidential information. Therefore, assertions in the logic not only describe the noninterference property that formalizes confidentiality, but also describe aliasing propertie...

متن کامل

Representation Independence, Confinement and Access Control [extended abstract and appendices]

Denotational semantics is given for a Java-like language with pointers, subclassing and dynamic dispatch, class oriented visibility control, recursive types and methods, and privilegebased access control. Representation independence (relational parametricity) is proved, using a semantic notion of confinement similar to ones for which static disciplines have been recently proposed.

متن کامل

Programming With Information Flow-Control

We informally introduce here the information flow-control domain. We then present two theoretical layouts for developping programming language with information flow-control. The approach is semantic-based and allows programs to be statically type-checked. We then consider its practical use, through the so-called Paragon language, extending Java in a user-friendly way. We’ll be especially inters...

متن کامل

Secure Web Applications via Automatic Partitioning

Swift is a new, principled approach to building web applications that are secure by construction. In modern web applications, some application functionality is usually implemented as client-side code written in JavaScript. Moving code and data to the client can create security vulnerabilities, but currently there are no good methods for deciding when it is secure to do so. Swift automatically p...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2002

Secure Information Flow and Pointer Confinement in a Java-like Language

نویسندگان

چکیده

منابع مشابه

A Static Analysis for Instance-based Confinement in Java

A Logic for Information Flow Analysis of Pointer Programs

Representation Independence, Confinement and Access Control [extended abstract and appendices]

Programming With Information Flow-Control

Secure Web Applications via Automatic Partitioning

عنوان ژورنال:

اشتراک گذاری