Checking secure information flow in Java']Java bytecode by code transformation and standard bytecode verification

被引:10
作者
Bernardeschi, C [1 ]
De Francesco, N [1 ]
Lettieri, G [1 ]
Martini, L [1 ]
机构
[1] Univ Pisa, Dipartimento Ingn Informaz, I-56100 Pisa, Italy
来源
SOFTWARE-PRACTICE & EXPERIENCE | 2004年 / 34卷 / 13期
关键词
security; information flow; !text type='Java']Java[!/text] bytecode; bytecode verifier;
D O I
10.1002/spe.611
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
A method is presented for checking secure information flow in Java bytecode, assuming a multilevel security policy that assigns security levels to the objects. The method exploits the type-level abstract interpretation of standard bytecode verification to detect illegal information flows. We define an algorithm transforming the original code into another code in such a way that a typing error detected by the Verifier on the transformed code corresponds to a possible illicit information How in the original code. We present a prototype tool that implements the method and we show an example of application. Copyright (C) 2004 John Wiley Sons, Ltd.
引用
收藏
页码:1225 / 1255
页数:31
相关论文
共 33 条
[1]  
Andrews G. R., 1980, ACM Transactions on Programming Languages and Systems, V2, P56, DOI 10.1145/357084.357088
[2]  
[Anonymous], 1998, P 25 ACM SIGPLAN SIG, DOI DOI 10.1145/268946.268976
[3]  
[Anonymous], P ACM S PRINC PROGR, DOI [10.1145/292540.292555, DOI 10.1145/292540.292555]
[4]  
*AP FDN, 2004, JAK PROJ
[5]  
Ball T., 1993, ACM Letters on Programming Languages and Systems, V2, P1, DOI 10.1145/176454.176456
[6]  
Banatre J.-P., 1994, LECT NOTES COMPUTER, V875, P55
[7]   Abstract interpretation of operational semantics for secure information flow [J].
Barbuti, R ;
Bernardeschi, C ;
De Francesco, N .
INFORMATION PROCESSING LETTERS, 2002, 83 (02) :101-108
[8]  
BARBUTI R, 2002, 17 ACM S APPL COMP S, P229
[9]  
Bell D.Elliott., 1973, Secure computer systems mathematical foundations
[10]   An abstract semantics tool for secure information flow of stack-based assembly programs [J].
Bernardeschi, C ;
De Francesco, N ;
Lettieri, G .
MICROPROCESSORS AND MICROSYSTEMS, 2002, 26 (08) :391-398
1234