Tachio Terauchi and Alex Aiken
EECS Department
University of California, Berkeley
Technical Report No. UCB/CSD-05-1396
June 2005
http://www2.eecs.berkeley.edu/Pubs/TechRpts/2005/CSD-05-1396.pdf
The termination insensitive secure information flow problem can be reduced to solving a safety problem via a simple program transformation. Barthe, D'Argenio, and Rezk coined the term "self-composition" to describe this reduction. This paper generalizes the self-compositional approach with a form of information downgrading recently proposed by Li and Zdancewic. We also identify a problem with applying the self-compositional approach in practice, and we present a solution to this problem that makes use of more traditional type-based approaches. The result is a framework that combines the best of both worlds, i.e., better than traditional type-based approaches and better than the self-compositional approach.
BibTeX citation:
@techreport{Terauchi:CSD-05-1396, Author = {Terauchi, Tachio and Aiken, Alex}, Title = {Secure Information Flow as a Safety Problem}, Institution = {EECS Department, University of California, Berkeley}, Year = {2005}, Month = {Jun}, URL = {http://www2.eecs.berkeley.edu/Pubs/TechRpts/2005/5541.html}, Number = {UCB/CSD-05-1396}, Abstract = {The termination insensitive secure information flow problem can be reduced to solving a safety problem via a simple program transformation. Barthe, D'Argenio, and Rezk coined the term "self-composition" to describe this reduction. This paper generalizes the self-compositional approach with a form of information downgrading recently proposed by Li and Zdancewic. We also identify a problem with applying the self-compositional approach in practice, and we present a solution to this problem that makes use of more traditional type-based approaches. The result is a framework that combines the best of both worlds, i.e., better than traditional type-based approaches and better than the self-compositional approach.} }
EndNote citation:
%0 Report %A Terauchi, Tachio %A Aiken, Alex %T Secure Information Flow as a Safety Problem %I EECS Department, University of California, Berkeley %D 2005 %@ UCB/CSD-05-1396 %U http://www2.eecs.berkeley.edu/Pubs/TechRpts/2005/5541.html %F Terauchi:CSD-05-1396