Options
Types vs. PDGs in information flow analysis
Publikationstyp
Conference Paper
Publikationsdatum
2013-09
Sprache
English
Author
Mantel, Heiko
First published in
Number in series
7844 LNCS
Start Page
106
End Page
121
Citation
Lecture Notes in Computer Science 7844 LNCS: 106-121 (2013-11-14)
Contribution to Conference
Publisher DOI
Scopus ID
Publisher
Springer
Type-based and PDG-based information flow analysis techniques are currently developed independently in a competing manner, with different strengths regarding coverage of language features and security policies. In this article, we study the relationship between these two approaches. One key insight is that a type-based information flow analysis need not be less precise than a PDG-based analysis. For proving this result we establish a formal connection between the two approaches which can also be used to transfer concepts from one tradition of information flow analysis to the other. The adoption of rely-guarantee-style reasoning from security type systems, for instance, enabled us to develop a PDG-based information flow analysis for multi-threaded programs.
Schlagworte
Information flow security
Program dependency graph
Security type system
DDC Class
004: Informatik