Title :
Deriving an information flow checker and certifying compiler for Java
Author :
Barthe, Gilles ; Naumann, David ; Rezk, Tamara
Author_Institution :
INRIA Sophia-Antipolis
Abstract :
Language-based security provides a means to enforce end-to-end confidentiality and integrity policies in mobile code scenarios, and is increasingly being contemplated by the smart-card and mobile phone industry as a solution to enforce information flow and resource control policies. Two threads of work have emerged in research on language-based security: work that focuses on enforcing security policies for source code, which is tailored towards developers that want to increase confidence in their applications, and work that focuses on efficiently verifying similar policies for byte-code, which is tailored to code consumers that want to protect themselves against hostile applications. These lines of work serve different purposes - and thus have been developed independently - but connecting them is a key step towards the deployment of language-based security in practical applications. This paper introduces a systematic technique to connect source code and bytecode security type systems. The technique is applied to an information flow type system for a fragment of Java with exceptions, thus confronting challenges in both control and data flow tracking
Keywords :
Java; data flow analysis; program compilers; security of data; Java; bytecode security type systems; compiler certification; control flow tracking; data flow tracking; end-to-end confidentiality; end-to-end integrity policies; information flow checker; information flow type system; language-based security; mobile code; mobile phone; resource control policies; smart-card; source code security type systems; Control systems; Data security; Industrial control; Information security; Java; Joining processes; Mobile handsets; Protection; Safety; Yarn;
Conference_Titel :
Security and Privacy, 2006 IEEE Symposium on
Conference_Location :
Berkeley/Oakland, CA
Print_ISBN :
0-7695-2574-1
