From dynamic to static and back: Riding the roller coaster of information-flow control research
Paper in proceedings, 2009

Historically, dynamic techniques are the pioneers of the area of information flow in the 70’s. In their seminal work, Denning and Denning suggest a static alternative for information-flow analysis. Following this work, the 90’s see the domination of static techniques for information flow. The common wisdom appears to be that dynamic approaches are not a good match for security since monitoring a single path misses public side effects that could have happened in other paths. Dynamic techniques for information flow are on the rise again, driven by the need for permissiveness in today’s dynamic applications. But they still involve nontrivial static checks for leaks related to control flow. This paper demonstrates that it is possible for a purely dynamic enforcement to be as secure as Denning-style static information-flow analysis, despite the common wisdom. We do have the trade-off that static techniques have benefits of reducing runtime overhead, and dynamic techniques have the benefits of permissiveness (this, for example, is of particular importance in dynamic applications, where freshly generated code is evaluated). But on the security side, we show for a simple imperative language that both Denning-style analysis and dynamic enforcement have the same assurance: termination-insensitive noninterference.

information-flow

monitors

type systems

Authors

Andrei Sabelfeld

Chalmers, Data- och informationsteknik, Datavetenskap

Alejandro Russo

Chalmers, Data- och informationsteknik, Datavetenskap

Lecture Notes in Computer Science

0302-9743 (ISSN)

Vol. 5947 352-365

Subject categories

Computer Science

DOI

10.1007/978-3-642-11486-1_30

ISBN

978-364211485-4