From dynamic to static and back: Riding the roller coaster of information-flow control research
Paper in proceedings, 2009

Historically, dynamic techniques are the pioneers of the area of information flow in the 70s. In their seminal work, Denning and Denning suggest a static alternative for information-flow analysis. Following this work, the 90s see the domination of static techniques for information flow. The common wisdom appears to be that dynamic approaches are not a good match for security since monitoring a single path misses public side effects that could have happened in other paths. Dynamic techniques for information flow are on the rise again, driven by the need for permissiveness in today’s dynamic applications. But they still involve nontrivial static checks for leaks related to control flow. This paper demonstrates that it is possible for a purely dynamic enforcement to be as secure as Denning-style static information-flow analysis, despite the common wisdom. We do have the trade-off that static techniques have benefits of reducing runtime overhead, and dynamic techniques have the benefits of permissiveness (this, for example, is of particular importance in dynamic applications, where freshly generated code is evaluated). But on the security side, we show for a simple imperative language that both Denning-style analysis and dynamic enforcement have the same assurance: termination-insensitive noninterference.

information-flow

monitors

type systems

Author

Andrei Sabelfeld

Chalmers, Computer Science and Engineering (Chalmers), Computing Science (Chalmers)

Alejandro Russo

Chalmers, Computer Science and Engineering (Chalmers), Computing Science (Chalmers)

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

03029743 (ISSN) 16113349 (eISSN)

Vol. 5947, pp. 352-365
978-364211485-4 (ISBN)

Subject Categories

Computer Science

DOI

10.1007/978-3-642-11486-1_30

More information

Created

10/7/2017