Abstract | ||
---|---|---|
If we classify the variables of a program into various security levels, then a secure information flow analysis aims to verify statically that information in the program can flow only in ways consistent with the specified security levels. To make such analysis more practical, this paper proposes a novel type inference approach that gives programmers the freedom to specify the security levels of whichever variables are of interest, leaving the security levels of other variables to be inferred automatically. Type inference in this context is not new, but previous approaches have been based on gathering a set of subtyping constraints from the program, and then solving them with an abstract constraint solver. As a result, it has been difficult to report type errors to users in an informative way. Our inference approach stays closer to the original program, making it easier for us to explain precisely the source of each type error. We develop our type inference algorithm for a small imperative language with arrays, and prove that it is sound and complete. We also discuss our techniques for informative error reporting, and illustrate their effectiveness through examples. |
Year | DOI | Venue |
---|---|---|
2006 | 10.1145/1185448.1185567 | ACM Southeast Regional Conference 2005 |
Keywords | Field | DocType |
secure information flow,informative error reporting,original program,security level,type inference,various security level,specified security level,inference approach,type inference algorithm,novel type inference approach,type error,fuzzy set theory,relational model,membership function | Data mining,Frequentist inference,Computer science,Imperative programming,Theoretical computer science,Type inference,Artificial intelligence,Information flow (information theory),Inference,Fiducial inference,Constraint satisfaction problem,Relational model,Machine learning | Conference |
ISBN | Citations | PageRank |
1-59593-315-8 | 9 | 0.50 |
References | Authors | |
11 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Zhenyue Deng | 1 | 19 | 1.03 |
Geoffrey S. Smith | 2 | 300 | 19.86 |