mdh.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A principled approach to tracking information flow in the presence of libraries
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. Chalmers University of Technology, Gothenburg, Sweden.ORCID iD: 0000-0002-6621-8390
Chalmers University of Technology, Gothenburg, Sweden.
imec-DistriNet, KU Leuven, Leuven, Belgium.
Chalmers University of Technology, Gothenburg, Sweden.
2017 (English)Conference paper, Published paper (Refereed)
Abstract [en]

There has been encouraging progress on information flow control for programs in increasingly complex programming languages, tracking the propagation of information from input sources to output sinks. Yet, programs are typically deployed in an environment with rich APIs and powerful libraries, posing challenges for information flow control when the code for these APIs and libraries is either unavailable or written in a different language. This paper presents a principled approach to tracking information flow in the presence of libraries. With the goal to strike the balance between security and precision, we present a framework that explores the middle ground between the “shallow”, signature-based modeling of libraries and the “deep”, stateful approach, where library models need to be supplied manually. We formalize our approach for a core language, extend it with lists and higher-order functions, and establish soundness results with respect to the security condition of noninterference.

Place, publisher, year, edition, pages
Springer Verlag , 2017. 49-70 p.
Series
Lecture Notes in Computer Science, ISSN 0302-9743 ; 10204 LNCS
National Category
Computer Science
Identifiers
URN: urn:nbn:se:mdh:diva-35385DOI: 10.1007/978-3-662-54455-6_3Scopus ID: 2-s2.0-85018650361ISBN: 9783662544549 (print)OAI: oai:DiVA.org:mdh-35385DiVA: diva2:1098438
Conference
6th Conference on Principles of Security and Trust, POST 2017 held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2017; Uppsala; Sweden; 22 April 2017 through 29 April 2017;
Note

Export Date: 24 May 2017; Conference Paper; Correspondence Address: Sj Ö Sten, A.; Chalmers University of TechnologySweden; email: sjosten@chalmers.se

Available from: 2017-05-24 Created: 2017-05-24 Last updated: 2017-05-24Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full textScopus

Authority records BETA

Hedin, Daniel

Search in DiVA

By author/editor
Hedin, Daniel
By organisation
Embedded Systems
Computer Science

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 1 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf