Towards a Flow- and Path-Sensitive Information Flow Analysis: Technical Report

06/05/2017
by   Peixuan Li, et al.
0

This paper investigates a flow- and path-sensitive static information flow analysis. Compared with security type systems with fixed labels, it has been shown that flow-sensitive type systems accept more secure programs. We show that an information flow analysis with fixed labels can be both flow- and path-sensitive. The novel analysis has two major components: 1) a general-purpose program transformation that removes false dataflow dependencies in a program that confuse a fixed-label type system, and 2) a fixed-label type system that allows security types to depend on path conditions. We formally prove that the proposed analysis enforces a rigorous security property: noninterference. Moreover, we show that the analysis is strictly more precise than a classic flow-sensitive type system, and it allows sound control of information flow in the presence of mutable variables without resorting to run-time mechanisms.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
03/10/2021

Pifthon: A Compile-Time Information Flow Analyzer For An Imperative Language

Compile-time information flow analysis has been a promising technique fo...
research
12/08/2020

Control Flow Obfuscation for FJ using Continuation Passing

Control flow obfuscation deters software reverse engineering attempts by...
research
10/25/2020

Giving Semantics to Program-Counter Labels via Secure Effects

Type systems designed for information-flow control commonly use a progra...
research
03/28/2020

First-order Gradual Information Flow Types with Gradual Guarantees

Gradual type systems seamlessly integrate statically-typed programs with...
research
07/22/2018

Taint Tracking for WebAssembly

WebAssembly seeks to provide an alternative to running large and untrust...
research
08/11/2022

Correlating Effectiveness of Pointer Analysis Techniques with Patterns in Embedded System Code

A pointer analysis maps the pointers in a program to the memory location...
research
08/26/2022

Computing Maximum Fixed Point Solutions over Feasible Paths in Data Flow Analyses

The control flow graph (CFG) representation of a procedure used by virtu...

Please sign up or login with your details

Forgot password? Click here to reset