Christian Hammer

Information flow control for java : a comprehensive approach based on path conditions in dependence graphs

Information flow control for java : a comprehensive approach based on path conditions in dependence graphs
DOWNLOAD COVER

Information flow control (IFC) is a technique to assert the security of a given program with respect to a given security policy. The classical policy noninterference requires that public output of a program may not be influenced from secret input. This work leverages a technique called program slicing, which is closely connected to IFC and offers many dimensions for improving analysis precision, the most powerful are Path Conditions. Our evaluation shows scalability with a low annotation burden.