Runtime enforcement of information flow security in tree manipulating processes

Máté Kovács, Helmut Seidl

Publikation: Beitrag in Buch/Bericht/KonferenzbandKonferenzbeitragBegutachtung

10 Zitate (Scopus)

Abstract

We consider the problem of enforcing information flow policies in Xml manipulating programs such as Web services and business processes implemented in current workflow languages. We propose a runtime monitor that can enforce the secrecy of freely chosen subtrees of the data throughout the execution. The key idea is to apply a generalized constant propagation for computing the public effect of branching constructs whose conditions may depend on the secret. This allows for a better precision than runtime monitors which rely on tainting of variables or nodes alone. We demonstrate our approach for a minimalistic tree manipulating programming language and prove its correctness w.r.t. the concrete semantics of programs.

OriginalspracheEnglisch
TitelEngineering Secure Software and Systems - 4th International Symposium, ESSoS 2012, Proceedings
Seiten46-59
Seitenumfang14
DOIs
PublikationsstatusVeröffentlicht - 2012
Veranstaltung4th International Symposium on Engineering Secure Software and Systems, ESSoS 2012 - Eindhoven, Niederlande
Dauer: 16 Feb. 201217 Feb. 2012

Publikationsreihe

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Band7159 LNCS
ISSN (Print)0302-9743
ISSN (elektronisch)1611-3349

Konferenz

Konferenz4th International Symposium on Engineering Secure Software and Systems, ESSoS 2012
Land/GebietNiederlande
OrtEindhoven
Zeitraum16/02/1217/02/12

Fingerprint

Untersuchen Sie die Forschungsthemen von „Runtime enforcement of information flow security in tree manipulating processes“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren