Title :
Enforcing Reactive Noninterference with Reachability Analysis
Author :
Sun, Cong ; Tang, Liyong ; Chen, Zhong
Author_Institution :
Sch. of Electron. Eng. & Comput. Sci., Peking Univ., Beijing, China
Abstract :
The reactive computational model is pervasively used as a proper abstraction of web-based applications which receive inputs and generate outputs throughout execution. The present static enforcements of information flow security on reactive program are either based on type system or abstract interpretation. In this work we first propose an approach using automated verification to check conformance with information flow policy for reactive program. This approach utilizes our previous idea to incorporate self-composition with reach ability analysis. In order to reduce the state space of model, we propose the Store-Match Self-Composition (SMSC) to avoid duplicating the low channels. The result of preliminary experiments shows that our approach is more precise and efficient than existing work and also more efficient than our previous reach ability analysis.
Keywords :
Internet; formal verification; reachability analysis; security of data; SMSC; Web-based applications; automated verification; information flow security; reachability analysis; reactive noninterference; store-match self-composition; Computational modeling; Data structures; Motorcycles; Reachability analysis; Security; Semantics; Software; information flow; noninterference; program analysis; pushdown system; reactive program;
Conference_Titel :
Information Technology: New Generations (ITNG), 2011 Eighth International Conference on
Conference_Location :
Las Vegas, NV
Print_ISBN :
978-1-61284-427-5
Electronic_ISBN :
978-0-7695-4367-3
DOI :
10.1109/ITNG.2011.63
