• DocumentCode
    2947568
  • Title

    ENCoVer: Symbolic Exploration for Information Flow Security

  • Author

    Balliu, M. ; Dam, Mads ; Le Guernic, Gurvan

  • Author_Institution
    Sch. of Comput. Sci. & Commun., KTH R. Inst. of Technol., Stockholm, Sweden
  • fYear
    2012
  • fDate
    25-27 June 2012
  • Firstpage
    30
  • Lastpage
    44
  • Abstract
    We address the problem of program verification for information flow policies by means of symbolic execution and model checking. Noninterference-like security policies are formalized using epistemic logic. We show how the policies can be accurately verified using a combination of concolic testing and SMT solving. As we demonstrate, many scenarios considered tricky in the literature can be solved precisely using the proposed approach. This is confirmed by experiments performed with ENCOVER, a tool based on Java Path Finder and Z3, which we have developed for epistemic noninterference concolic verification.
  • Keywords
    Java; program verification; security of data; ENCoVer; Java Path Finder; SMT; Z3; concolic testing; epistemic logic; information flow security; model checking; noninterference concolic verification; noninterference-like security policies; program verification; symbolic exploration; Computational modeling; Concrete; Java; Observers; Prototypes; Security; Testing; SMT solver; declassification; epistemic logic; information flow security; model checking; noninterference;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Foundations Symposium (CSF), 2012 IEEE 25th
  • Conference_Location
    Cambridge, MA
  • ISSN
    1940-1434
  • Print_ISBN
    978-1-4673-1918-8
  • Electronic_ISBN
    1940-1434
  • Type

    conf

  • DOI
    10.1109/CSF.2012.24
  • Filename
    6266150
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2947568