KIT | KIT-Bibliothek | Impressum

Information Flow in Object-Oriented Software

Beckert, Bernhard; Bruns, Daniel; Klebanov, Vladimir; Scheben, Christoph; Schmitt, Peter H.; Ulbrich, Mattias

Abstract:
This paper contributes to the investigation of object-sensitive information-flow properties for sequential Java, i.e., properties that take into account information leakage through objects, as opposed to primitive values. We present two improvements to a popular object-sensitive non-interference property. Both reduce the burden on analysis and monitoring tools. The second contribution is a formalization of this property in a program logic -- JavaDL in our case -- which allows using an existing tool without requiring program modification. The third contribution is a novel fine-grained specification methodology. In our approach, arbitrary JavaDL terms (read side-effect-free Java expressions) may be assigned a security level -- in contrast to security labels being attached to fields and variables only.


Zugehörige Institution(en) am KIT Institut für Theoretische Informatik (ITI)
Kompetenzzentrum für angewandte Sicherheitstechnologie (KASTEL)
Publikationstyp Proceedingsbeitrag
Jahr 2013
Sprache Englisch
Identifikator KITopen ID: 1000036851
HGF-Programm 46.12.03; LK 01
Erschienen in Logic-Based Program Synthesis and Transformation, LOPSTR 2013, Madrid, Spain, September 16-18, 2013 [Konferenz]. Ed.: G. Gupta
Verlag Universidad, Madrid
Seiten 15-32
Projektinformation KASTEL I (BMBF, 01BY1172 / 16BY1172)
Schlagworte kastel
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft KITopen Landing Page