Precise Dynamic Verification of Noninterference
Author
Abstract
Confidentiality is perhaps the most popular security property to be formally or informally verified. Noninterference is a baseline security policy used to formalize the confidentiality of secret information manipulated by a program. Many static analyses have been developed for the verification of noninterference. In contrast to those static analyses, this paper considers the run-time verification of the respect of confidentiality by a single execution of a program. It proposes a dynamic noninterference analysis for sequential programs based on a combination of dynamic and static analyses. The static analysis is used to analyze some unexecuted pieces of code in order to take into account all types of flows, including implicit flows through branches the execution did not take. The static analysis is sensitive to the current program state. This sensitivity allows the overall dynamic analysis to be more precise than previous work. The soundness of the overall dynamic noninterference analysis with regard to confidentiality breach detection and correction is proved.
inria-00162609, version 3 - 18 Jul 2008
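The hybrid monitor the abstract describes, as an added Python illustration (this is not the paper's code, and the toy language, the two-point lattice and the program names `IMPLICIT`, `PRUNABLE` and `UNPRUNABLE` are assumptions made here): a purely dynamic monitor only sees the branch that runs, so it misses the implicit flow in `if h == 1 then l := 1 else skip` when `h = 0`. The hybrid monitor statically analyses the untaken branch and raises the label of everything it could assign. The state-sensitive part is simplified here to one rule: a nested guard inside the untaken code is decided with the current values when all of its variables are low and have not been reassigned earlier in that code, which prunes infeasible sub-branches and avoids a false positive the state-insensitive analysis would raise.

```python
# Added illustration of a hybrid noninterference monitor (not the paper's code).
# Toy imperative language, two-point lattice LOW < HIGH; the only secret input is h.
LOW, HIGH = 0, 1                      # join is max()

# Expressions: ('const', v) | ('var', x) | ('eq', e1, e2) | ('add', e1, e2)
# Statements:  ('skip',) | ('assign', x, e) | ('if', cond, then_block, else_block) | ('output', e)
# A block is a list of statements; 'output' writes to a public (LOW) channel.

def free_vars(e):
    if e[0] == 'const':
        return set()
    if e[0] == 'var':
        return {e[1]}
    return free_vars(e[1]) | free_vars(e[2])

def eval_expr(e, env):
    if e[0] == 'const':
        return e[1]
    if e[0] == 'var':
        return env[e[1]]
    a, b = eval_expr(e[1], env), eval_expr(e[2], env)
    return int(a == b) if e[0] == 'eq' else a + b

def label_expr(e, labels):
    return max((labels.get(v, LOW) for v in free_vars(e)), default=LOW)

def assigned_vars(block, env, labels, modified=None):
    """State-sensitive static analysis of an UNEXECUTED block: which variables
    could another execution (same public inputs, different secrets) assign if it
    ran this block?  A nested guard is decided with the current state when all
    its variables are LOW and were not assigned earlier in the analysed block
    (their values are then the same in that other execution); otherwise both
    branches are explored.  Over-approximating keeps the result sound."""
    modified = set() if modified is None else modified
    result = set()
    for stmt in block:
        if stmt[0] == 'assign':
            result.add(stmt[1])
            modified.add(stmt[1])
        elif stmt[0] == 'if':
            cond, then_b, else_b = stmt[1:]
            fv = free_vars(cond)
            if all(labels.get(v, LOW) == LOW for v in fv) and not (fv & modified):
                branches = [then_b if eval_expr(cond, env) else else_b]   # prune
            else:
                branches = [then_b, else_b]
            for b in branches:
                result |= assigned_vars(b, env, labels, modified)
    return result

class Monitor:
    def __init__(self, env, labels, hybrid=True, correct=True):
        self.env, self.labels = dict(env), dict(labels)
        self.hybrid = hybrid        # False: purely dynamic tracking (misses implicit flows)
        self.correct = correct      # True: replace a leaking output by None instead of emitting it
        self.outputs, self.violations = [], []

    def run(self, block, pc=LOW):
        for stmt in block:
            if stmt[0] == 'assign':
                x, e = stmt[1], stmt[2]
                self.env[x] = eval_expr(e, self.env)
                self.labels[x] = max(pc, label_expr(e, self.labels))
            elif stmt[0] == 'if':
                cond, then_b, else_b = stmt[1:]
                guard = max(pc, label_expr(cond, self.labels))
                taken, untaken = (then_b, else_b) if eval_expr(cond, self.env) else (else_b, then_b)
                if guard == HIGH and self.hybrid:
                    # The branch choice depends on a secret: whatever the other
                    # branch could have assigned now carries information about it.
                    for x in assigned_vars(untaken, self.env, self.labels):
                        self.labels[x] = HIGH
                self.run(taken, guard)
            elif stmt[0] == 'output':
                if max(pc, label_expr(stmt[1], self.labels)) == HIGH:
                    self.violations.append(stmt)            # detection
                    if self.correct:
                        self.outputs.append(None)           # correction
                        continue
                self.outputs.append(eval_expr(stmt[1], self.env))
        return self

def run_program(block, secret, hybrid=True, correct=True):
    """Run with h = secret (HIGH), l = 0 and x = 5 (LOW); return outputs, #violations, label of l."""
    m = Monitor({'h': secret, 'l': 0, 'x': 5}, {'h': HIGH, 'l': LOW, 'x': LOW}, hybrid, correct)
    m.run(block)
    return m.outputs, len(m.violations), m.labels['l']

# Constructed sample programs.
H1, X0 = ('eq', ('var', 'h'), ('const', 1)), ('eq', ('var', 'x'), ('const', 0))
SET_L, OUT_L, SKIP = ('assign', 'l', ('const', 1)), ('output', ('var', 'l')), ('skip',)
IMPLICIT   = [('if', H1, [SET_L], [SKIP]), OUT_L]                       # classic implicit flow
PRUNABLE   = [('if', H1, [('if', X0, [SET_L], [SKIP])], [SKIP]), OUT_L] # x == 0 is false in the current state
UNPRUNABLE = [('if', H1, [('assign', 'x', ('const', 0)),
                          ('if', X0, [SET_L], [SKIP])], [SKIP]), OUT_L] # x is reassigned first: no pruning

if __name__ == '__main__':
    print(run_program(IMPLICIT, 0, hybrid=False))   # purely dynamic: ([0], 0, 0), the leak is missed
    print(run_program(IMPLICIT, 0))                  # hybrid: ([None], 1, 1)
    print(run_program(PRUNABLE, 0))                  # state-sensitive pruning: ([0], 0, 0)
    print(run_program(UNPRUNABLE, 0))                # ([None], 1, 1)
```

Two caveats apply. The pruning rule is only sound because low-labelled variables that the untaken code has not yet reassigned hold the same value in every execution that agrees on public inputs; dropping the `modified` check would make `UNPRUNABLE` look safe. And the monitor stays conservative where the paper's analysis may not be, for instance when a low guard is reached under a high `pc`, so this block shows the mechanism, not the paper's exact precision.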
Similar sources
Precise Dynamic Verification of Confidentiality
Confidentiality is perhaps the most popular security property to be formally or informally verified. Noninterference is a baseline security policy used to formalize the confidentiality of secret information manipulated by a program. Many static analyses have been developed for the verification of noninterference. In contrast to those static analyses, this paper considers the run-time verification of the r...
A Theorem Proving Approach to Secure Information Flow in Concurrent Programs (Extended Abstract)
We present an approach to formally prove secure information flow in multi-threaded programs. We start with a precise formalization of noninterference in dynamic logic and then use the rely/guarantee approach to reduce this to thread-modular properties, that can be checked locally. A sound and complete calculus ensures that these properties can be proven without false positives. Currently, we wo...
Checking probabilistic noninterference using JOANA
JOANA is a tool for software security analysis, checking up to 100kLOC of full multi-threaded Java. JOANA is based on sophisticated program analysis techniques and thus very precise. It includes a new algorithm guaranteeing probabilistic noninterference, named RLSOD. JOANA needs few annotations and has a nice GUI. The tool is open source and was applied in several case studies. The article pres...
A Hybrid Approach for Proving Noninterference and Applications to the Cryptographic Verification of Java Programs
Several tools and approaches for proving noninterference properties for Java and other languages exist. Some of them have a high degree of automation or are even fully automatic, but overapproximate the actual information flow, and hence, may produce false positives. Other tools, such as those based on theorem proving, are more precise, but need more interaction, and hence, analysis is time-con...
Noninterference with Local Policies
We study non-interference based security in a dynamic setting, where the security policy may depend on the state of the system. More specifically, we 1. provide new definitions of dynamic noninterference security which conform to the intuitive notion of noninterference and give efficient algorithms to decide whether a given system is secure, and 2. obtain a characterization of secure systems us...