Abstract
We consider the problem of enforcing information flow policies in Xml manipulating programs such as Web services and business processes implemented in current workflow languages. We propose a runtime monitor that can enforce the secrecy of freely chosen subtrees of the data throughout the execution. The key idea is to apply a generalized constant propagation for computing the public effect of branching constructs whose conditions may depend on the secret. This allows for a better precision than runtime monitors which rely on tainting of variables or nodes alone. We demonstrate our approach for a minimalistic tree manipulating programming language and prove its correctness w.r.t. the concrete semantics of programs. © 2012 Springer-Verlag.
Author supplied keywords
Cite
CITATION STYLE
Kovács, M., & Seidl, H. (2012). Runtime enforcement of information flow security in tree manipulating processes. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7159 LNCS, pp. 46–59). https://doi.org/10.1007/978-3-642-28166-2_6
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
