Title :
Using Partial Ordered Numbers to Control Information Flows
Author :
Chou, Shih-Chien
Author_Institution :
Dept. of Comput. Sci. & Inf. Eng., Nat. Dong Hwa Univ., Hualien, Taiwan
Abstract :
Information flow control models can be applied widely. This paper discusses only the models preventing information leakage during program execution. In the prevention, an information flow control model dynamically monitors statements that will cause information flows and ban statements that may cause leakage. We involved in the research of information flow control for years and identified that sensitive information may be leaked only when it is output. However, most existing models ignore information flows induced by output statements. We thus designed a new model that especially emphasizes the monitoring of output statements. We also designed the model as a precise and low runtime overhead one. Our experiments show that the model bans every non-secure information flow and substantially reduces runtime overhead when comparing with our previous work.
Keywords :
authorisation; data flow computing; ban statement; information flow control; information leakage; nonsecure information flow; partial ordered number; program execution; Access control; History; Media; Monitoring; Object oriented modeling; Runtime; Information flow control; access control; information leakage prevention; security;
Conference_Titel :
Secure Software Integration and Reliability Improvement (SSIRI), 2011 Fifth International Conference on
Conference_Location :
Jeju Island
Print_ISBN :
978-1-4577-0780-3
Electronic_ISBN :
978-0-7695-4453-3
DOI :
10.1109/SSIRI.2011.27
