Sciweavers

Free Online Productivity Tools i2Speak i2Symbol i2OCR iTex2Img iWeb2Print iWeb2Shot i2Type iPdf2Split iPdf2Merge i2Bopomofo i2Arabic i2Style i2Image i2PDF iLatex2Rtf Sci2ools

7

CSFW
2004
IEEE

favoriteEmaildiscussreport

112views Security Privacy» more CSFW 2004»

Lenient Array Operations for Practical Secure Information Flow

13 years 8 months ago

Lenient Array Operations for Practical Secure Information Flow

Download users.cis.fiu.edu

Our goal in this paper is to make secure information flow typing more practical. We propose simple and permissive typing rules for array operations in a simple sequential imperative language. Arrays are given types of the form 1 arr 2, where 1 is the security class of the array's contents and 2 is the security class of the array's length. To keep the typing rules permissive, we propose a novel, lenient semantics for out-of-bounds array indices. We show that our type system ensures a noninterference property, and we present an example that suggests that it will not be too difficult in practice to write programs that satisfy the typing rules.

Zhenyue Deng, Geoffrey Smith

Real-time Traffic

CSFW 2004 | Permissive Typing Rules | Security Class | Security Privacy | Typing Rules |

claim paper

Related Content

» Laminar practical finegrained decentralized information flow control

» Type inference and informative error reporting for secure information flow

» libdft practical dynamic data flow tracking for commodity systems

» Mediating secure information flow policies

» Enforcing security and safety models with an information flow analysis tool

» Ubiquitous Organizational Information Service Framework for Large Scale Intelligent Enviro...

» Noninterference through Secure Multiexecution

» Avoiding timing channels in fixedpriority schedulers

» Pointless tainting evaluating the practicality of pointer tainting

Post Info
More Details (n/a)

Added	20 Aug 2010
Updated	20 Aug 2010
Type	Conference
Year	2004
Where	CSFW
Authors	Zhenyue Deng, Geoffrey Smith

Comments (0)