Towards a Flow- and Path-Sensitive Information Flow Analysis

Peixuan Li, Danfeng Zhang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Scopus citations


This paper investigates a flow- and path-sensitive static information flow analysis. Compared with security type systems with fixed labels, it has been shown that flow-sensitive type systems accept more secure programs. We show that an information flow analysis with fixed labels can be both flow- and path-sensitive. The novel analysis has two major components: 1) a general-purpose program transformation that removes false dataflow dependencies in a program that confuse a fixed-label type system, and 2) a fixed-label type system that allows security types to depend on path conditions. We formally prove that the proposed analysis enforces a rigorous security property: noninterference. Moreover, we show that the analysis is strictly more precise than a classic flow-sensitive type system, and it allows sound control of information flow in the presence of mutable variables without resorting to run-time mechanisms.

Original languageEnglish (US)
Title of host publicationProceedings - IEEE 30th Computer Security Foundations Symposium, CSF 2017
PublisherIEEE Computer Society
Number of pages15
ISBN (Electronic)9781538632161
StatePublished - Sep 25 2017
Event30th IEEE Computer Security Foundations Symposium, CSF 2017 - Santa Barbara, United States
Duration: Aug 21 2017Aug 25 2017

Publication series

NameProceedings - IEEE Computer Security Foundations Symposium
ISSN (Print)1940-1434


Other30th IEEE Computer Security Foundations Symposium, CSF 2017
Country/TerritoryUnited States
CitySanta Barbara

All Science Journal Classification (ASJC) codes

  • Engineering(all)


Dive into the research topics of 'Towards a Flow- and Path-Sensitive Information Flow Analysis'. Together they form a unique fingerprint.

Cite this