Types vs. PDGs in information flow analysis

Mantel, Heiko; Sudbrock, Henning

Types vs. PDGs in information flow analysis

Publikationstyp

Conference Paper

Date Issued

2013-09

Sprache

English

Author(s)

Mantel, Heiko

Sudbrock, Henning

TORE-URI

http://hdl.handle.net/11420/13865

First published in

Lecture notes in computer science

Number in series

7844 LNCS

Start Page

106

End Page

121

Citation

Lecture Notes in Computer Science 7844 LNCS: 106-121 (2013-11-14)

Contribution to Conference

22nd International Symposium on Logic-Based Program Synthesis and Transformation, LOPSTR 2012

Publisher DOI

10.1007/978-3-642-38197-3_8

Scopus ID

2-s2.0-84887300421

Publisher

Springer

Type-based and PDG-based information flow analysis techniques are currently developed independently in a competing manner, with different strengths regarding coverage of language features and security policies. In this article, we study the relationship between these two approaches. One key insight is that a type-based information flow analysis need not be less precise than a PDG-based analysis. For proving this result we establish a formal connection between the two approaches which can also be used to transfer concepts from one tradition of information flow analysis to the other. The adoption of rely-guarantee-style reasoning from security type systems, for instance, enabled us to develop a PDG-based information flow analysis for multi-threaded programs.

Subjects

Information flow security

Program dependency graph

Security type system

DDC Class

004: Informatik

Options

Types vs. PDGs in information flow analysis