Policy Dependent and Independent Information Flow Analyses
M. Töws, H. Wehrheim, in: Formal Methods and Software Engineering - 19th International Conference on Formal Engineering Methods (ICFEM 2017), Springer International Publishing, 2017, pp. 362–378.
Conference Paper | Published | English
Abstract
Information Flow Analysis (IFA) aims at detecting illegal flows of information between program entities. “Legality” is therein specified in terms of various security policies. For the analysis, this opens up two possibilities: building generic, policy independent and building specific, policy dependent IFAs. While the former needs to track all dependencies between program entities, the latter allows for a reduced and thus more efficient analysis.
In this paper, we start out by formally defining a policy independent information flow analysis. Next, we show how to specialize this IFA via policy specific variable tracking, and prove soundness of the specialization. We furthermore investigate refinement relationships between policies, allowing an IFA for one policy to be employed for its refinements. As policy refinement depends on concrete program entities, we additionally propose a precomputation of policy refinement conditions, enabling an efficient refinement check for concrete programs.
Proceedings Title: Formal Methods and Software Engineering - 19th International Conference on Formal Engineering Methods (ICFEM 2017)
Page: 362-378
Cite this
Töws M, Wehrheim H. Policy Dependent and Independent Information Flow Analyses. In: Formal Methods and Software Engineering - 19th International Conference on Formal Engineering Methods (ICFEM 2017). Springer International Publishing; 2017:362-378. doi:10.1007/978-3-319-68690-5_22
Main File(s)
File Name: Töws-Wehrheim2017_Chapter_PolicyDependentAndIndependentI.pdf (424.03 KB)
Access Level: Closed Access
Last Uploaded: 2018-11-26T15:07:42Z