conference paper Information Flow Certificates published Manuel Töws author 11315 Heike Wehrheim author 573 77 department SFB 901 project SFB 901 - Project Area B project SFB 901 - Subproject B4 project Information flow analysis investigates the flow of data in applications, checking in particular for flows from private sources to public sinks. Flow- and path-sensitive analyses are, however, often too costly to be performed every time a security-critical application is run. In this paper, we propose a variant of proof carrying code for information flow security. To this end, we develop information flow (IF) certificates which get attached to programs as well as a method for IF certificate validation. We prove soundness of our technique, i.e., show it to be tamper-free. The technique is implemented within the program analysis tool CPAchecker. Our experiments confirm that the use of certificates pays off for costly analysis runs. https://ris.uni-paderborn.de/download/5774/5837/Töws-Wehrheim2018_Chapter_InformationFlowCertificates.pdf application/pdf Springer International Publishing2018 eng Theoretical Aspects of Computing – ICTAC 2018 0302-9743 1611-3349 9783030025076 978303002508310.1007/978-3-030-02508-3_23 435-454 Töws, Manuel, and Heike Wehrheim. “Information Flow Certificates.” In <i>Theoretical Aspects of Computing – ICTAC 2018</i>, 435–54. Cham: Springer International Publishing, 2018. <a href="https://doi.org/10.1007/978-3-030-02508-3_23">https://doi.org/10.1007/978-3-030-02508-3_23</a>. M. Töws, H. Wehrheim, in: Theoretical Aspects of Computing – ICTAC 2018, Springer International Publishing, Cham, 2018, pp. 435–454. Töws M, Wehrheim H. Information Flow Certificates. In: <i>Theoretical Aspects of Computing – ICTAC 2018</i>. Cham: Springer International Publishing; 2018:435-454. doi:<a href="https://doi.org/10.1007/978-3-030-02508-3_23">10.1007/978-3-030-02508-3_23</a> @inproceedings{Töws_Wehrheim_2018, place={Cham}, title={Information Flow Certificates}, DOI={<a href="https://doi.org/10.1007/978-3-030-02508-3_23">10.1007/978-3-030-02508-3_23</a>}, booktitle={Theoretical Aspects of Computing – ICTAC 2018}, publisher={Springer International Publishing}, author={Töws, Manuel and Wehrheim, Heike}, year={2018}, pages={435–454} } Töws, M., &#38; Wehrheim, H. (2018). Information Flow Certificates. In <i>Theoretical Aspects of Computing – ICTAC 2018</i> (pp. 435–454). Cham: Springer International Publishing. <a href="https://doi.org/10.1007/978-3-030-02508-3_23">https://doi.org/10.1007/978-3-030-02508-3_23</a> Töws, Manuel, and Heike Wehrheim. “Information Flow Certificates.” <i>Theoretical Aspects of Computing – ICTAC 2018</i>, Springer International Publishing, 2018, pp. 435–54, doi:<a href="https://doi.org/10.1007/978-3-030-02508-3_23">10.1007/978-3-030-02508-3_23</a>. M. Töws and H. Wehrheim, “Information Flow Certificates,” in <i>Theoretical Aspects of Computing – ICTAC 2018</i>, 2018, pp. 435–454. 57742018-11-21T09:51:37Z2022-01-06T07:02:40Z