Conference ProceedingsOPEN ACCESS

Information flow monitoring as abstract interpretation for relational logic

Proceedings of the Computer Security Foundations Workshop (2014) 2014-January 48-62
DOI: 10.1109/CSF.2014.12
16Citations
Citations of this article
17Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

A number of systems have been developed for dynamic information flow control (IFC). In such systems, the security policy is expressed by labeling input and output channels, it is enforced by tracking and checking labels on data. Systems have been proven to enforce some form of noninterference (NI), formalized as a property of two runs of the program. In practice, NI is too strong and it is desirable to enforce some relaxation of NI that allows downgrading under constraints that have been classified as 'what', 'where', 'who', or 'when' policies. To encompass a broad range of policies, relational logic has been proposed as a means to specify and statically enforce policy. This paper shows how relational logic policies can be dynamically checked. To do so, we provide a new account of monitoring, in which the monitor state is viewed as an abstract interpretation of sets of pairs of program runs.

Author supplied keywords

Cite

CITATION STYLE

APA

Chudnov, A., Kuan, G., & Naumann, D. A. (2014). Information flow monitoring as abstract interpretation for relational logic. In Proceedings of the Computer Security Foundations Workshop (Vol. 2014-January, pp. 48–62). IEEE Computer Society. https://doi.org/10.1109/CSF.2014.12

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free