• DocumentCode
    476690
  • Title

    A proof-producing machine-code analyzer for secure information flow

  • Author

    Muthana, Abdulrahman ; Ghani, Abdul Azim Abd ; Mahmod, Ramlan ; Selamat, Hasan

  • Author_Institution
    Faculty of Computer Science and Information Technology, Universiti Putra Malaysia, Malaysia
  • Volume
    1
  • fYear
    2008
  • fDate
    26-28 Aug. 2008
  • Firstpage
    1
  • Lastpage
    7
  • Abstract
    An approach enabling end-users to verify that a downloaded untrusted code will not leak confidential data to unauthorized parties is presented. The approach certifies RISC-style assembly programs for secure information flow by statically analyzing the code based on the idea of Proof Carrying Code (PCC). The proofs that untrusted code does not leak sensitive information are generated and checked on the host machine and if they are valid, then the untrusted code can be installed and executed safely. The proposed security analyzer operates directly on the machinecode requiring only the inputs and outputs of the code be annotated with security levels. The generated proofs serve as evidence that give end-users a guarantee about the security of the untrusted code.
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Technology, 2008. ITSim 2008. International Symposium on
  • Conference_Location
    Kuala Lumpur
  • Print_ISBN
    978-1-4244-2327-9
  • Electronic_ISBN
    978-1-4244-2328-6
  • Type

    conf

  • DOI
    10.1109/ITSIM.2008.4631593
  • Filename
    4631593
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=476690