About: Permissive runtime information flow control in the presence of exceptions

Not logged in : Login

(Sponging disallowed)

Facets (new session)
Description
Metadata
Settings
- Rule:
- Inverse Functional Properties:
- "Same As":

About: Permissive runtime information flow control in the presence of exceptions Goto Sponge NotDistinct Permalink

An Entity of Type : bibo:AcademicArticle, within Data Space : linkeddata.uriburner.com:28898 associated with source document(s)

Attributes	Values
type	http://eprints.org/ontology/ArticleEPrint http://eprints.org/ontology/EPrint Article Academic Article
seeAlso	HTML Summary of #90655 Permissive runtime information flow control in the presence of exceptions
sameAs	Permissive runtime information flow control in the presence of exceptions
Title	Permissive runtime information flow control in the presence of exceptions
described by	https://demo.openlinksw.com/about/id/entity/https/www.cs.kent.ac.uk/people/staff/akj22/materials/CO644/export_kar_RDFN3.n3
Date	2021-01-01
Creator	Deepak Garg Abhishek Bichhawat Christian Hammer Vineet Rajani
status	peer reviewed published
Publisher	IOS Press
abstract	Information flow control (IFC) has been extensively studied as an approach to mitigate information leaks in applications. A vast majority of existing work in this area is based on static analysis. However, some applications, especially on the Web, are developed using dynamic languages like JavaScript where static analyses for IFC do not scale well. As a result, there has been a growing interest in recent years to develop dynamic or runtime information flow analysis techniques. In spite of the advances in the field, runtime information flow analysis has not been at the helm of information flow security, one of the reasons being that the analysis techniques and the security property related to them (non-interference) over-approximate information flows (particularly implicit flows), generating many false positives. In this paper, we present a sound and precise approach for handling implicit leaks at runtime. In particular, we present an improvement and enhancement of the so-called permissive-upgrade strategy, which is widely used to tackle implicit leaks in dynamic information flow control. We improve the strategy’s permissiveness and generalize it. Building on top of it, we present an approach to handle implicit leaks when dealing with complex features like unstructured control flow and exceptions in higher-order languages. We explain how we address the challenge of handling unstructured control flow using immediate post-dominator analysis. We prove that our approach is sound and precise.
Is Part Of	Journal of Computer Security https://kar.kent.ac.uk/id/repository
Subject	QA Mathematics (inc Computing science) QA 76 Software, computer programming,
list of authors	https://kar.kent.ac.uk/id/eprint/90655#authors
issue	4
volume	29
is topic of	https://www.cs.kent.ac.uk/people/staff/akj22/materials/CO644/export_kar_RDFN3.n3
is primary topic of	HTML Summary of #90655 Permissive runtime information flow control in the presence of exceptions

Faceted Search & Find service v1.17_git149 as of Dec 03 2024

Alternative Linked Data Documents: iSPARQL | ODE Content Formats:

RDF

ODATA

Microdata

About

OpenLink Virtuoso version 08.03.3332 as of Jan 29 2025, on Linux (x86_64-generic-linux-glibc25), Single-Server Edition (378 GB total memory, 22 GB memory in use)
Data on this page belongs to its respective rights holders.
Virtuoso Faceted Browser Copyright © 2009-2025 OpenLink Software