Explicit information flow properties in JML

Authors

  • Christian Haack
  • Erik Poll
  • Aleksy Schubert
Abstract

This paper considers how explicit information flow properties can be expressed and verified in a traditional program logic, using pre- and postconditions. As concrete specification language for expressing these properties we use the specification language JML for Java. For this we propose a new classification of information flow properties, namely positive and negative properties, where the former are easier to describe. This also leads us to reconsider the duality between integrity and confidentiality in the light of the difference between explicit and implicit information flows.

Similar resources

Privacy-Sensitive Information Flow with JML

In today’s society, people have very little control over what kinds of personal data are collected and stored by various agencies in both the private and public sectors. We describe an approach to addressing this problem that allows individuals to specify constraints on the way their own data is used. Our solution uses formal methods to allow developers of software that processes personal data ...

Adding native specifications to JML

In the specification language JML we can see pure methods as a way to express user-defined predicates that will simplify the annotations. We take this idea a step further in allowing to only declare these predicates in JML without giving an explicit definition. The explicit definition is done directly in the language to which the Java program and the specifications are translated. To this end w...

Enforcing High-Level Security Properties for Applets

Smart card applications often handle privacy-sensitive information, and therefore must obey certain security policies. Typically, such policies are described as high-level security properties, stating for example that no pin verification must take place within a transaction. Behavioural interface specification languages, such as JML (Java Modeling Language), have been successfully used to valid...

JAG: JML Annotation Generation for Verifying Temporal Properties

We present a tool for verifying temporal properties on Java/JML classes by generating automatically JML annotations that ensure the verification of the temporal properties.

Practical Application of a Translation Tool from UML/OCL to Java Skeleton with JML Annotation

In recent years, MDA techniques have been strongly developed. Thus, translation techniques such as UML to some program languages have gained a lot of attention. Translation techniques such as OCL to JML have been also researched. OCL is a language to describe detail properties of UML and standardized by OMG, while, JML is a language to specify properties of Java program. Both OCL and JML are ba...

Publication date: 2008