Skip to main content

Towards a Flow- and Path-Sensitive Information Flow Analysis

Publication ,  Conference
Li, P; Zhang, D
Published in: Proceedings - IEEE Computer Security Foundations Symposium
September 25, 2017

This paper investigates a flow- and path-sensitive static information flow analysis. Compared with security type systems with fixed labels, it has been shown that flow-sensitive type systems accept more secure programs. We show that an information flow analysis with fixed labels can be both flow- and path-sensitive. The novel analysis has two major components: 1) a general-purpose program transformation that removes false dataflow dependencies in a program that confuse a fixed-label type system, and 2) a fixed-label type system that allows security types to depend on path conditions. We formally prove that the proposed analysis enforces a rigorous security property: noninterference. Moreover, we show that the analysis is strictly more precise than a classic flow-sensitive type system, and it allows sound control of information flow in the presence of mutable variables without resorting to run-time mechanisms.

Duke Scholars

Published In

Proceedings - IEEE Computer Security Foundations Symposium

DOI

ISSN

1940-1434

Publication Date

September 25, 2017

Start / End Page

53 / 67
 

Citation

APA
Chicago
ICMJE
MLA
NLM
Li, P., & Zhang, D. (2017). Towards a Flow- and Path-Sensitive Information Flow Analysis. In Proceedings - IEEE Computer Security Foundations Symposium (pp. 53–67). https://doi.org/10.1109/CSF.2017.17
Li, P., and D. Zhang. “Towards a Flow- and Path-Sensitive Information Flow Analysis.” In Proceedings - IEEE Computer Security Foundations Symposium, 53–67, 2017. https://doi.org/10.1109/CSF.2017.17.
Li P, Zhang D. Towards a Flow- and Path-Sensitive Information Flow Analysis. In: Proceedings - IEEE Computer Security Foundations Symposium. 2017. p. 53–67.
Li, P., and D. Zhang. “Towards a Flow- and Path-Sensitive Information Flow Analysis.” Proceedings - IEEE Computer Security Foundations Symposium, 2017, pp. 53–67. Scopus, doi:10.1109/CSF.2017.17.
Li P, Zhang D. Towards a Flow- and Path-Sensitive Information Flow Analysis. Proceedings - IEEE Computer Security Foundations Symposium. 2017. p. 53–67.

Published In

Proceedings - IEEE Computer Security Foundations Symposium

DOI

ISSN

1940-1434

Publication Date

September 25, 2017

Start / End Page

53 / 67