Precise Dynamic Verification of Confidentiality

Author

  • Gurvan Le Guernic
Abstract

Confidentiality is maybe the most popular security property to be formally or informally verified. Noninterference is a baseline security policy to formalize confidentiality of secret information manipulated by a program. Many static analyses have been developed for the verification of noninterference. In contrast to those static analyses, this paper considers the run-time verification of the respect of confidentiality by a single execution of a program. It proposes a dynamic noninterference analysis for sequential programs based on a combination of dynamic and static analyses. The static analysis is used to analyze some unexecuted pieces of code in order to take into account all types of flows. The static analysis is sensitive to the current program state. This sensitivity allows the overall dynamic analysis to be more precise than previous work. The soundness of the overall dynamic noninterference analysis with regard to confidentiality breaches detection and correction is proved.


Similar resources

Precise Dynamic Verification of Noninterference

Confidentiality is maybe the most popular security property to be formally or informally verified. Noninterference is a baseline security policy to formalize confidentiality of secret information manipulated by a program. Many static analyses have been developed for the verification of noninterference. In contrast to those static analyses, this paper considers the run-time verificat...


Java Mobile Code Dynamic Verification by Bytecode Modification for Host Confidentiality

In this paper we present a novel dynamic verification approach to protect the local host confidentiality from malicious Java mobile code. In our approach we use Bytecode Modification to add the verification function to the Java mobile code’s class files before the local JVM executes them. Thus the verification work is done when the host JVM executes the modified class files. By this way our app...


Secure High Dynamic Range Images

In this paper, a tone mapping algorithm is proposed to produce LDR (Limited Dynamic Range) images from HDR (High Dynamic Range) images. In the approach, nonlinear functions are applied to compress the dynamic range of HDR images. Security tools will be then applied to the resulting LDR images and their effectiveness will be tested on the reconstructed HDR images. Three specific examples of secu...


Formalization of Security Properties: Enforcement for MAC Operating Systems and Verification of Dynamic MAC Policies

Enforcement of security properties by Operating Systems is an open problem. To the best of our knowledge, the solution presented in this paper is the first one that enables a wide range of integrity and confidentiality properties to be enforced. A unified formalization is proposed for the major properties of the literature and new ones are defined using a Security Property Language. Complex and...


Dynamic epistemic verification of security protocols: framework and case study

We propose a dynamic epistemic framework for the verification of security protocols. First, we introduce a dynamic epistemic logic equipped with iteration and cryptographic supplements in which we can formalize and check (epistemic) requirements of security protocols. On top of this, we give a general guide how to go from a protocol specification to its representation in our framework. We demon...



Publication date: 2008