Refactoring programs to secure information flows

Adding a sound information flow security policy to an existing program is a difficult task that requires major analysis of and changes to the program. In this paper we show how refactoring programs into distinct components of high and low security is a useful methodology to aid in the production of programs with sound information flow policies. Our methodology proceeds as follows. Given a program with no information flow controls, a program slicer is used to identify code that depends on high security inputs. High security code so identified is then refactored into a separate component, which may be accessed by the low security component via public method calls. A security policy that labels input data and checks the output points can then enforce the desired end-to-end security property. Controlled information releases can occur at explicit declassification points if deemed safe. The result is a well-engineered program with explicit interfaces between components of different sec...
Scott F. Smith, Mark Thober
Added 14 Jun 2010
Updated 14 Jun 2010
Type: Conference
Year: 2006
Where: PLDI
Authors: Scott F. Smith, Mark Thober