• DocumentCode
    2173304
  • Title

    Noninterference in the presence of non-opaque pointers

  • Author

    Hedin, Daniel ; Sands, David

  • Author_Institution
    Chalmers Univ. of Technol.
  • fYear
    0
  • fDate
    0-0 0
  • Lastpage
    229
  • Abstract
    A common theoretical assumption in the study of information flow security in Java-like languages is that pointers are opaque - i.e., that the only properties that can be observed of pointers are the objects to which they point, and (at most) their equality. These assumptions often fail in practice. For example, various important operations in Java´s standard API, such as hashcodes or serialization, might break pointer opacity. As a result, information-flow static analyses which assume pointer opacity risk being unsound in practice, since the pointer representation provides an unchecked implicit leak. We investigate information flow in the presence of non-opaque pointers for an imperative language with records, pointer instructions and exceptions, and develop an information flow aware type system which guarantees noninterference
  • Keywords
    Java; program diagnostics; security of data; Java standard API; Java-like languages; hashcodes; information flow security; information-flow static analyses; noninterference; nonopaque pointers; pointer opacity risk; pointer representation; serialization; Computer security; Conferences; Data security; Information analysis; Information security; Java; Printing; Risk analysis; Runtime environment; Timing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Foundations Workshop, 2006. 19th IEEE
  • Conference_Location
    Venice
  • ISSN
    1063-6900
  • Print_ISBN
    0-7695-2615-2
  • Type

    conf

  • DOI
    10.1109/CSFW.2006.19
  • Filename
    1648720
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2173304