https://www.mdu.se/

mdu.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Value Sensitivity and Observable Abstract Values for Information Flow Control
Chalmers University of Technology, Gothenburg, Sweden.
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. Chalmers University of Technology, Gothenburg, Sweden.ORCID iD: 0000-0002-6621-8390
Chalmers University of Technology, Gothenburg, Sweden.
2015 (English)In: 20th International Conference on Logic for Programming, Artificial Intelligence and Reasoning LPAR'15, 2015, p. 63-78Conference paper, Published paper (Refereed)
Abstract [en]

Much progress has recently been made on information flow control, enabling the enforcement of increasingly rich policies for increasingly expressive programming languages. This has resulted in tools for mainstream programming languages as JavaScript, Java, Caml, and Ada that enforce versatile security policies. However, a roadblock on the way to wider adoption of these tools has been their limited permissiveness (high number of false positives). Flow-, context-, and object-sensitive techniques have been suggested to improve the precision of static information flow control and dynamic monitors have been explored to leverage the knowledge about the current run for precision. This paper explores value sensitivity to boost the permissiveness of information flow control. We show that both dynamic and hybrid information flow mechanisms benefit from value sensitivity. Further, we introduce the concept of observable abstract values to generalize and leverage the power of value sensitivity to richer programming languages. We demonstrate the usefulness of the approach by comparing it to known disciplines for dealing with information flow in dynamic and hybrid settings.

Place, publisher, year, edition, pages
2015. p. 63-78
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:mdh:diva-30487DOI: 10.1007/978-3-662-48899-7_5ISI: 000375574900005Scopus ID: 2-s2.0-84952650183ISBN: 978-3-662-48898-0 (print)OAI: oai:DiVA.org:mdh-30487DiVA, id: diva2:885952
Conference
20th International Conference on Logic for Programming, Artificial Intelligence and Reasoning LPAR'15, 23 Nov 2015, Suva, Fiji
Available from: 2015-12-21 Created: 2015-12-21 Last updated: 2017-01-03Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Hedin, Daniel

Search in DiVA

By author/editor
Hedin, Daniel
By organisation
Embedded Systems
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 122 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf