IFC Inside: Retrofitting Languages with Dynamic Information Flow Control
نویسندگان
چکیده
منابع مشابه
IFC Inside: A General Approach to Retrofitting Languages with Dynamic Information Flow Control
Many important security problems in JavaScript, such as browser extension security, untrusted JavaScript libraries and safe integration of mutually distrustful websites (mash-ups), may be effectively addressed using an efficient implementation of information flow control. We formally specify a coarse-grained IFC system that can be implemented non-intrusively, resulting in much greater implement...
متن کاملIFC Inside: Retrofitting Languages with Dynamic Information Flow Control (Extended Version)
Many important security problems in JavaScript, such as browser extension security, untrusted JavaScript libraries and safe integration of mutually distrustful websites (mash-ups), may be effectively addressed using an efficient implementation of information flow control (IFC). Unfortunately existing fine-grained approaches to JavaScript IFC require modifications to the language semantics and i...
متن کاملFlexible Dynamic Information Flow Control in the Presence of Exceptions Sequential LIO
We describe a language-based, dynamic information flow control (IFC) system called LIO. Our system presents a new design point for IFC, influenced by the challenge of implementing IFC as a Haskell library, as opposed to the more typical approach of modifying the language runtime system. In particular, we take a coarse-grained, floating-label approach, previously used by IFC Operating Systems, a...
متن کاملAn Enhanced IFC Label Model to meet Application Policy Requirements
In recent projects we have investigated the use of Information Flow Control (IFC) for distributed and cloud computing. As reported elsewhere, we designed and implemented an Operating System (OS) kernel-loadable module for Linux (FlowK) to enforce IFC, and enhanced our SBUS middleware to be IFC-compliant (SBUS-IFC). FlowK’s label model follows established practice for IFC in languages and OS, bu...
متن کاملInformation Flow Control in WebKit's JavaScript Bytecode
Websites today routinely combine JavaScript from multiple sources, both trusted and untrusted. Hence, JavaScript security is of paramount importance. A specific interesting problem is information flow control (IFC) for JavaScript. In this paper, we develop, formalize and implement a dynamic IFC mechanism for the JavaScript engine of a production Web browser (specifically, Safari’s WebKit engine...
متن کامل