Loading...
Please wait, while we are loading the content...
Similar Documents
End-to-end information flow security for java (2007).
| Content Provider | CiteSeerX |
|---|---|
| Author | Thober, Mark Andrew |
| Abstract | The increasing digitalization of individual, business, and government information leads to more sensitive information being used in computer systems. This results in the requirement for modern systems to ensure that sensitive information is not leaked. Infor-mation flow control is a programming language-based mechanism that focuses on securing the dissemination of information through programs. Information flow type systems aim to statically guarantee that programs do not permit leaks of sensitive information to unautho-rized locations. This dissertation focuses on improving the usability of information flow type sys-tems, and on developing a new technique for proving a static information flow system is correct. We present a static information flow type inference system for Middleweight Java (MJ) that automatically infers information flow labels, thus avoiding the need for a multi-tude of program annotations. Additionally, policies need only be specified on IO channels, the critical flow boundary. Our type system includes a high degree of parametric polymor-phism, necessary to allow classes to be used in multiple security contexts, and to properly |
| File Format | |
| Publisher Date | 2007-01-01 |
| Access Restriction | Open |
| Subject Keyword | Computer System Middleweight Java Infor-mation Flow Control Type System Government Information Multiple Security Context Static Information Flow System Information Flow Type System Program Annotation Io Channel Language-based Mechanism Information Flow Label High Degree Modern System Information Flow Type Sensitive Information Critical Flow Boundary Unautho-rized Location New Technique End-to-end Information Flow Security Java Parametric Polymor-phism |
| Content Type | Text |
| Resource Type | Thesis |
