JFlow

JFlow: practical mostly-static information flow control. A promising technique for protecting privacy and integrity of sensitive data is to statically check information flow within programs that manipulate the data. While previous work has proposed programming language extensions to allow this static checking, the resulting languages are too restrictive for practical use and have not been implemented. In this paper, we describe the new language JFlow, an extension to the Java language that adds statically-checked information flow annotations. JFlow provides several new features that make information flow checking more flexible and convenient than in previous models: a decentralized label model, label polymorphism, run-time label checking, and automatic label inference. JFlow also supports many language features that have never been integrated successfully with static information flow control, including objects, subclassing, dynamic type tests, access control, and exceptions. This paper defines the JFlow language and presents formal rules that are used to check JFlow programs for correctness. Because most checking is static, there is little code space, data space, or run-time overhead in the JFlow implementation.


References in zbMATH (referenced in 23 articles )

Showing results 1 to 20 of 23.
Sorted by year (citations)

1 2 next

  1. Ramezanifarkhani, Toktam; Owe, Olaf; Tokas, Shukun: A secrecy-preserving language for distributed and object-oriented systems (2018)
  2. Harris, William R.; Jha, Somesh; Reps, Thomas W.; Seshia, Sanjit A.: Program synthesis for interactive-security systems (2017)
  3. Iranmanesh, Zeinab; Fallah, Mehran S.: Specification and static enforcement of scheduler-independent noninterference in a middleweight Java (2016)
  4. Mantel, Heiko; Müller-Olm, Markus; Perner, Matthias; Wenner, Alexander: Using dynamic pushdown networks to automate a modular information-flow analysis (2015)
  5. Beckert, Bernhard; Bruns, Daniel; Klebanov, Vladimir; Scheben, Christoph; Schmitt, Peter H.; Ulbrich, Mattias: Information flow in object-oriented software (2014)
  6. Lourenço, Luísa; Caires, Luís: Information flow analysis for valued-indexed data security compartments (2014)
  7. Ozsoy, Meltem; Ponomarev, Dmitry; Abu-Ghazaleh, Nael; Suri, Tameesh: SIFT: low-complexity energy-efficient information flow tracking on SMT processors (2014)
  8. Almeida, J. Bacelar; Barbosa, Manuel; Pinto, Jorge S.; Vieira, Bárbara: Formal verification of side-channel countermeasures using self-composition (2013)
  9. Pettai, Martin; Laud, Peeter: Securing the future -- an information flow analysis of a distributed OO language (2012)
  10. Zanardini, Damiano: Class-level non-interference (2012) ioport
  11. Askarov, Aslan; Myers, Andrew: Attacker control and impact for confidentiality and integrity (2011)
  12. Wang, Shengyuan; Dong, Yuan: A verifiable low-level concurrent programming model based on colored Petri nets (2011)
  13. Li, Peng; Zdancewic, Steve: Arrows for secure information flow (2010)
  14. Rukšẹnas, Rimvydas; Curzon, Paul; Blandford, Ann: Modelling and analysing cognitive causes of security breaches (2008) ioport
  15. Abadi, Martín: Access control in a core calculus of dependency (2007)
  16. Attali, Isabelle; Caromel, Denis; Henrio, Ludovic; Del Aguila, Felipe Luna: Secured information flow for asynchronous sequential processes (2007)
  17. Barthe, Gilles; Rezk, Tamara; Basu, Amitabh: Security types preserving compilation (2007)
  18. De Francesco, Nicoletta; Martini, Luca: Instruction-level security analysis for information flow in stack-based assembly languages (2007)
  19. De Francesco, Nicoletta; Martini, Luca: Instruction-level security typing by abstract interpretation (2007) ioport
  20. Zheng, Lantian; Myers, Andrew C.: Dynamic security labels and static information flow control (2007) ioport

1 2 next