mdh.sePublikasjoner
Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
A principled approach to tracking information flow in the presence of libraries
Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system. Chalmers University of Technology, Gothenburg, Sweden.ORCID-id: 0000-0002-6621-8390
Chalmers University of Technology, Gothenburg, Sweden.
imec-DistriNet, KU Leuven, Leuven, Belgium.
Chalmers University of Technology, Gothenburg, Sweden.
2017 (engelsk)Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

There has been encouraging progress on information flow control for programs in increasingly complex programming languages, tracking the propagation of information from input sources to output sinks. Yet, programs are typically deployed in an environment with rich APIs and powerful libraries, posing challenges for information flow control when the code for these APIs and libraries is either unavailable or written in a different language. This paper presents a principled approach to tracking information flow in the presence of libraries. With the goal to strike the balance between security and precision, we present a framework that explores the middle ground between the “shallow”, signature-based modeling of libraries and the “deep”, stateful approach, where library models need to be supplied manually. We formalize our approach for a core language, extend it with lists and higher-order functions, and establish soundness results with respect to the security condition of noninterference.

sted, utgiver, år, opplag, sider
Springer Verlag , 2017. s. 49-70
Serie
Lecture Notes in Computer Science, ISSN 0302-9743 ; 10204 LNCS
HSV kategori
Identifikatorer
URN: urn:nbn:se:mdh:diva-35385DOI: 10.1007/978-3-662-54455-6_3ISI: 000425526300003Scopus ID: 2-s2.0-85018650361ISBN: 9783662544549 (tryckt)OAI: oai:DiVA.org:mdh-35385DiVA, id: diva2:1098438
Konferanse
6th Conference on Principles of Security and Trust, POST 2017 held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2017; Uppsala; Sweden; 22 April 2017 through 29 April 2017;
Tilgjengelig fra: 2017-05-24 Laget: 2017-05-24 Sist oppdatert: 2018-03-08bibliografisk kontrollert

Open Access i DiVA

Fulltekst mangler i DiVA

Andre lenker

Forlagets fulltekstScopus

Personposter BETA

Hedin, Daniel

Søk i DiVA

Av forfatter/redaktør
Hedin, Daniel
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric

doi
isbn
urn-nbn
Totalt: 11 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf