Sciweavers

Share
DEBS
2009
ACM

PrivateFlow: decentralised information flow control in event based middleware

10 years 5 months ago
PrivateFlow: decentralised information flow control in event based middleware
Complex middleware frameworks are made out of interacting components which may include bugs. These frameworks are often extended to provide additional features by thirdparty extensions that may not be completely trusted and, as a result, compromise the security of the whole platform. Aiming to minimize these problems, we propose a demonstration of PrivateFlow, a publish/subscribe prototype supported by Decentralized Information Flow Control (DIFC). DIFC is a taint-tracking mechanism that can prevent components from leaking information. We will showcase a simple deployment of PrivateFlow that incorporates third-party untrusted components. In our demonstration, one of these components will try to leak sensitive information about the system’s operation and it will fail once DIFC is activated.
Ioannis Papagiannis, Matteo Migliavacca, Peter R.
Added 28 May 2010
Updated 28 May 2010
Type Conference
Year 2009
Where DEBS
Authors Ioannis Papagiannis, Matteo Migliavacca, Peter R. Pietzuch, Brian Shand, David M. Eyers, Jean Bacon
Comments (0)
books