Team for Research in
Ubiquitous Secure Technology

Secure Information Flow as a Safety Problem
T. Terauchi, A. Aiken

Citation
T. Terauchi, A. Aiken. "Secure Information Flow as a Safety Problem". 12th International Static Analysis Symposium,, 352-367, September, 2005.

Abstract
The termination insensitive secure information flow problem can be reduced to solving a safety problem via a simple program transformation. Barthe, D’Argenio, and Rezk coined the term “self-composition” to describe this reduction. This paper generalizes the self-compositional approach with a form of information downgrading recently proposed by Li and Zdancewic. We also identify a problem with applying the self-compositional approach in practice, and we present a solution to this problem that makes use of more traditional type-based approaches. The result is a framework that combines the best of both worlds, i.e., better than traditional type-based approaches and better than the selfcompositional approach.

Electronic downloads

Citation formats  
  • HTML
    T. Terauchi, A. Aiken. <a
    href="http://www.truststc.org/pubs/617.html"
    >Secure Information Flow as a Safety Problem</a>,
    12th International Static Analysis Symposium,, 352-367,
    September, 2005.
  • Plain text
    T. Terauchi, A. Aiken. "Secure Information Flow as a
    Safety Problem". 12th International Static Analysis
    Symposium,, 352-367, September, 2005.
  • BibTeX
    @inproceedings{TerauchiAiken05_SecureInformationFlowAsSafetyProblem,
        author = {T. Terauchi and A. Aiken},
        title = {Secure Information Flow as a Safety Problem},
        booktitle = {12th International Static Analysis Symposium,},
        pages = {352-367},
        month = {September},
        year = {2005},
        abstract = {The termination insensitive secure information
                  flow problem can be reduced to solving a safety
                  problem via a simple program transformation.
                  Barthe, DâArgenio, and Rezk coined the term
                  âself-compositionâ to describe this reduction.
                  This paper generalizes the self-compositional
                  approach with a form of information downgrading
                  recently proposed by Li and Zdancewic. We also
                  identify a problem with applying the
                  self-compositional approach in practice, and we
                  present a solution to this problem that makes use
                  of more traditional type-based approaches. The
                  result is a framework that combines the best of
                  both worlds, i.e., better than traditional
                  type-based approaches and better than the
                  selfcompositional approach.},
        URL = {http://www.truststc.org/pubs/617.html}
    }
    

Posted by Jessica Gamble on 18 Mar 2009.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.