Name
Abstract | ||
|---|---|---|
Verifying that programs trusted to enforce security actually do so is a practical concern for programmers and administrators. However, there is a disconnect between the kinds of tools that have been successfully applied to real software systems (such as taint mode in Perl and Ruby), and information-flow compilers that enforce a variant of the stronger security property of noninterference. Tools that have been successfully used to find security violations have focused on explicit flows of information, where high-security information is directly leaked to output. Analysis tools that enforce noninterference also prevent implicit flows of information, where high-security information can be inferred from a program's flow of control. However, these tools have seen little use in practice, despite the stronger guarantees that they provide. To better understand why, this paper experimentally investigates the explicit and implicit flows identified by the standard algorithm for establishing noninterference. When applied to implementations of authentication and cryptographic functions, the standard algorithm discovers many real implicit flows of information, but also reports an extremely high number of false alarms, most of which are due to conservative handling of unchecked exceptions (e.g., null pointer exceptions). After a careful analysis of all sources of true and false alarms, due to both implicit and explicit flows, the paper concludes with some ideas to improve the false alarm rate, toward making stronger security analysis more practical. |
Year | DOI | Venue |
|---|---|---|
2008 | 10.1007/978-3-540-89862-7_4 | ICISS '08 Proceedings of the 4th International Conference on Information Systems Security |
Keywords | Field | DocType |
analysis tool,stronger security analysis,stronger security property,standard algorithm,false alarm,explicit flow,Implicit Flows,high-security information,security violation,real implicit flow,implicit flow | Pointer (computer programming),Standard algorithms,False alarm,Authentication,Cryptography,Computer security,Computer science,Control flow,Security analysis,Perl | Conference |
Volume | ISSN | Citations |
5352 | 0302-9743 | 41 |
PageRank | References | Authors |
2.27 | 22 | 4 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Dave King | 1 | 83 | 4.89 |
| Boniface Hicks | 2 | 171 | 11.48 |
| Michael Hicks | 3 | 612 | 32.24 |
| T Jaeger | 4 | 2635 | 255.67 |