Information flow analysis in logical form

Information flow analysis in logical form

Cached

Download Links

Other Repositories/Bibliography

DBLP

by Torben Amtoft , Anindya Banerjee

Venue:	George Mason University
Citations:	27 - 5 self

BibTeX

@TECHREPORT{Amtoft_informationflow,
    author = {Torben Amtoft and Anindya Banerjee},
    title = {Information flow analysis in logical form},
    institution = {George Mason University},
    year = {}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

Abstract. We specify an information flow analysis for a simple imperative language, using a Hoare-like logic. The logic facilitates static checking of a larger class of programs than can be checked by extant type-based approaches in which a program is deemed insecure when it contains an insecure subprogram. The logic is based on an abstract interpretation of program traces that makes independence between program variables explicit. Unlike other, more precise, approaches based on a Hoare-like logic, our approach does not require a theorem prover to generate invariants. We demonstrate the modularity of our approach by showing that a frame rule holds in our logic. Moreover, given an insecure but terminating program, we show how strongest postconditions can be employed to statically generate failure explanations. 1

Citations

619	Security policies and security models - Goguen, Meseguer - 1982
583	Separation logic: A logic for shared mutable data structures. Symp. on Logic in - Reynolds - 1994
458	Principles of program analysis - Nielson, Nielson, et al. - 1999
458	Language-based information-flow security - Sabelfeld, Myers
353	J.J.: Secure computer systems: mathematical foundations, Mitre technical report 2547 - Bell, Padula - 1973
348	Certification of programs for secure information flow - Denning, Denning - 1977
315	Cousot and Radhia Cousot. Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints - Patrick - 1977
237	H.: Local Reasoning about Programs that Alter Data Structures - O’Hearn, Reynolds, et al. - 2001
214	The slam calculus: Programming with secrecy and integrity - Heintze, Riecke - 1998
201	A core calculus of dependency - Abadi, Banerjee, et al. - 1999
192	Information flow inference for ml - Pottier, Simonet
148	as an assertion language for mutable data structures - BI - 2001
141	Separation and information hiding - O’Hearn, Yang, et al. - 2004
127	Transforming out timing leaks - Agat - 2000
126	A type-based approach to program security - Volpano, Smith - 1997
120	Software verification with BLAST - Henzinger, Jhala, et al. - 2003
89	Secure information flow and pointer confinement in a java-like language - Banerjee, Naumann - 2002
81	A PER model of secure information flow in sequential programs - SABELFELD, SANDS - 2001
71	A semantic approach to secure information flow - Joshi, Leino
70	A theorem proving approach to analysis of secure information flow - Darvas, Hähnle, et al.
62	R.P.: An axiomatic approach to information flows in programs - Andrews, Reitmans - 1980
60	Abstract non-interference: Parameterizing non-interference by abstract interpretation - Giacobazzi, Mastroeni - 2004
58	Secure information flow by self-composition - Barthe, D’Argenio, et al. - 2004
56	Information transmission in sequential programs,” in Foundations of Secure Computation - Cohen - 1978
51	A model for delimited information release - Sabelfeld, Myers - 2003
43	Trust in the λ-calculus - Palsberg, Ørbæk - 1995
32	Binding time analysis: A new PERspective - Hunt, Sands - 1991
24	Information flow for Algol-like languages - Clark, Hankin, et al. - 2002
15	Cousot and Radhia Cousot. Automatic synthesis of optimal invariant assertions: mathematical foundations - Patrick - 1977
2	Specifications for multi-level security and a hook-up - McCullough - 1987