Affiliation:
1. Kansas State University, Manhattan, KS
Abstract
This paper specifies, via a Hoare-like logic, an interprocedural and flow-sensitive (but termination-insensitive) information flow analysis for object-oriented programs. Pointer aliasing is ubiquitous in such programs, and can potentially leak confidential information. Thus the logic employs *independence assertions* to describe the noninterference property that formalizes confidentiality, and employs *region assertions* to describe possible aliasing. Programmer assertions, in the style of JML, are also allowed, thereby permitting a more fine-grained specification of information flow policy. The logic supports local reasoning about state in the style of separation logic. Small specifications are used; they mention only the variables and addresses relevant to a command. Specifications are combined using a frame rule. An algorithm for the computation of postconditions is described: under certain assumptions, there exists a *strongest* postcondition which the algorithm computes.
Publisher
Association for Computing Machinery (ACM)
Subject
Computer Graphics and Computer-Aided Design,Software
Cited by 47 articles.