Modeling Secure Information Flow with Boolean Functions
نویسندگان
چکیده
In this paper we describe two uses of Boolean functions in the context of secure information flow analysis. The first contribution concerns with modeling information flow with Boolean functions, which leads to an accurate information flow analysis that captures dependencies between possible flows. These dependencies are useful for debugging; refining the notion of secure information flow; and achieving efficient implementation using sophisticated data structures like Binary Decision Diagrams. The second contribution concerns with analyzing dynamic security policies. We describe how to construct a Boolean function, such that its models describe possible non-interference sets of program variables. This can be used to enforce security classes dynamically, rather than re-analyzing the program.
منابع مشابه
On Automatic Placement of Declassifiers for Information-Flow Security
Security-typed languages can be used to build programs that are information-flow secure, meaning that they do not allow secret data to leak. Declassification allows programs to leak secret information in carefully prescribed ways. Manually placing declassifiers to authorize certain flows of information can be dangerous because an incorrectly placed declassifier can leak far more secure data tha...
متن کاملInformation Flow Analysis for Java Bytecode
We present a context-sensitive compositional analysis of information flow for full (mono-threaded) Java bytecode. Our idea consists in transforming the Java bytecode into a control-flow graph of basic blocks of code such that the complex features of the Java bytecode made explicit. The analysis is based on modeling the information flow dependencies with Boolean functions which leads to an accur...
متن کاملRandomizing Polynomials: A New Representation with Applications to Round-Efficient Secure Computation
Motivated by questions about secure multi-party computation, we introduce and study a new natural representation of functions by polynomials, which we term randomizing polynomials. “Standard” low-degree polynomials over a finite field are easy to compute witha small number of communication rounds in virtually any setting for secure computation. However, most Boolean functions cannot be evaluate...
متن کاملDebug monad on local sever ( no crypto ) Standard Haskell RTS
Using homomorphic encryption and secure multiparty computation, cloud servers may perform regularly structured computation on encrypted data, without access to decryption keys. However, prior approaches for programming on encrypted data involve restrictive models such as boolean circuits, or standard languages that do not guarantee secure execution of all expressible programs. We present an exp...
متن کاملON THE FUZZY SET THEORY AND AGGREGATION FUNCTIONS: HISTORY AND SOME RECENT ADVANCES
Several fuzzy connectives, including those proposed by Lotfi Zadeh, can be seen as linear extensions of the Boolean connectives from the scale ${0,1}$ into the scale $[0,1]$. We discuss these extensions, in particular, we focus on the dualities arising from the Boolean dualities. These dualities allow to transfer the results from some particular class of extended Boolean functions, e.g., from c...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2004