https://www.mdu.se/

mdu.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Information flow tracking for side-effectful libraries
Chalmers University of Technology, Gothenburg, Sweden.
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. Chalmers University of Technology, Gothenburg, Sweden.ORCID iD: 0000-0002-6621-8390
Chalmers University of Technology, Gothenburg, Sweden.
2018 (English)In: Lect. Notes Comput. Sci., Springer Verlag , 2018, p. 141-160Conference paper, Published paper (Refereed)
Abstract [en]

Dynamic information flow control is a promising technique for ensuring confidentiality and integrity of applications that manipulate sensitive information. While much progress has been made on increasingly powerful programming languages ranging from low-level machine languages to high-level languages for distributed systems, surprisingly little attention has been devoted to libraries and APIs. The state of the art is largely an all-or-nothing choice: either a shallow or deep library modeling approach. Seeking to break out of this restrictive choice, we formalize a general mechanism that tracks information flow for a language that includes higher-order functions, structured data types and references. A key feature of our approach is the model heap, a part of the memory, where security information is kept to enable the interaction between the labeled program and the unlabeled library. We provide a proof-of-concept implementation and report on experiments with a file system library. The system has been proved correct using Coq.

Place, publisher, year, edition, pages
Springer Verlag , 2018. p. 141-160
Series
Lecture Notes in Computer Science, ISSN 0302-9743 ; 10854 LNCS
Keywords [en]
Application programming interfaces (API), High level languages, Libraries, Network security, Theorem proving, Distributed systems, Dynamic information, Higher order functions, Information flow tracking, Information flows, Machine languages, Sensitive informations, State of the art, Distributed computer systems
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:mdh:diva-39983DOI: 10.1007/978-3-319-92612-4_8ISI: 000553809900008Scopus ID: 2-s2.0-85048217179ISBN: 9783319926117 (print)OAI: oai:DiVA.org:mdh-39983DiVA, id: diva2:1222397
Conference
18 June 2018 through 21 June 2018
Available from: 2018-06-21 Created: 2018-06-21 Last updated: 2020-10-08Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Hedin, Daniel

Search in DiVA

By author/editor
Hedin, Daniel
By organisation
Embedded Systems
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 72 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf