Towards a Flow- and Path-Sensitive Information Flow Analysis

Peixuan Li, Danfeng Zhang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Scopus citations

Abstract

This paper investigates a flow- and path-sensitive static information flow analysis. Compared with security type systems with fixed labels, it has been shown that flow-sensitive type systems accept more secure programs. We show that an information flow analysis with fixed labels can be both flow- and path-sensitive. The novel analysis has two major components: 1) a general-purpose program transformation that removes false dataflow dependencies in a program that confuse a fixed-label type system, and 2) a fixed-label type system that allows security types to depend on path conditions. We formally prove that the proposed analysis enforces a rigorous security property: noninterference. Moreover, we show that the analysis is strictly more precise than a classic flow-sensitive type system, and it allows sound control of information flow in the presence of mutable variables without resorting to run-time mechanisms.

Original languageEnglish (US)
Title of host publicationProceedings - IEEE 30th Computer Security Foundations Symposium, CSF 2017
PublisherIEEE Computer Society
Pages53-67
Number of pages15
ISBN (Electronic)9781538632161
DOIs
StatePublished - Sep 25 2017
Event30th IEEE Computer Security Foundations Symposium, CSF 2017 - Santa Barbara, United States
Duration: Aug 21 2017Aug 25 2017

Publication series

NameProceedings - IEEE Computer Security Foundations Symposium
ISSN (Print)1940-1434

Other

Other30th IEEE Computer Security Foundations Symposium, CSF 2017
CountryUnited States
CitySanta Barbara
Period8/21/178/25/17

All Science Journal Classification (ASJC) codes

  • Engineering(all)

Fingerprint Dive into the research topics of 'Towards a Flow- and Path-Sensitive Information Flow Analysis'. Together they form a unique fingerprint.

  • Cite this

    Li, P., & Zhang, D. (2017). Towards a Flow- and Path-Sensitive Information Flow Analysis. In Proceedings - IEEE 30th Computer Security Foundations Symposium, CSF 2017 (pp. 53-67). [8049651] (Proceedings - IEEE Computer Security Foundations Symposium). IEEE Computer Society. https://doi.org/10.1109/CSF.2017.17