loading
Papers

Research.Publish.Connect.

Paper

Authors: Sandip Ghosal 1 ; R. K. Shyamasundar 1 and N. V. Narendra Kumar 2

Affiliations: 1 Department of Computer Science and Engineering, Indian Institute of Technology Bombay, Mumbai, 400076 and India ; 2 Institute for Development and Research in Banking Technology, Hyderabad and India

ISBN: 978-989-758-319-3

Keyword(s): Language-based Security, Information-flow Security, Dynamic Labelling.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Secure Software Development Methodologies ; Security and Privacy Policies ; Security Engineering ; Security in Information Systems ; Software Security

Abstract: Programming languages are pivotal for building robust secure systems, and language-based security platforms are very much in demand for building secure systems. In this paper, we explore an approach for static security certification of a class of imperative programs using a hybrid of static and dynamic labelling via information flow control (IFC) models. First, we illustrate an analysis of some benchmark programs using static (or immutable) labelling approaches, and discuss possible labelling of the principals/subjects and objects using a combination of mutable and immutable labelling, and discuss their impact on the precision of the underlying certification. Then, we describe our approach of static certification of programs based on a combination of mutable and immutable (i.e., hybrid) labelling; our labelling generates labels from the given set of initial labels (some of which could be immutable) and the constraints require to be satisfied for a program to be information-flow secure as defined by Denning et. al.(Denning and Denning, 1977). Our labelling algorithm is shown to be sound with respect to non-interference, and we further establish the termination of the algorithm. Our proposed labelling approach is more security precise than the other labelling approaches in the literature. It may be pointed out that the labels are generated succinctly without unnecessarily blowing up the label space. As the method is not tied to any particular security model, it provides a sound basis for the security certification of programs for information-flow security. We compare the precision realizable by our approach with those in the literature. The comparison of our approach also brings to light an intrinsic property of our labelling algorithm that could be effectively used for non-deterministic or concurrent programs. (More)

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.205.60.226

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Ghosal, S.; K. Shyamasundar, R. and V. Narendra Kumar, N. (2018). Static Security Certification of Programs via Dynamic Labelling.In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 2 SECRYPT: SECRYPT, ISBN 978-989-758-319-3, pages 234-245. DOI: 10.5220/0006868604000411

@conference{secrypt18,
author={Sandip Ghosal. and R. K. Shyamasundar. and N. V. Narendra Kumar.},
title={Static Security Certification of Programs via Dynamic Labelling},
booktitle={Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 2 SECRYPT: SECRYPT,},
year={2018},
pages={234-245},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006868604000411},
isbn={978-989-758-319-3},
}

TY - CONF

JO - Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 2 SECRYPT: SECRYPT,
TI - Static Security Certification of Programs via Dynamic Labelling
SN - 978-989-758-319-3
AU - Ghosal, S.
AU - K. Shyamasundar, R.
AU - V. Narendra Kumar, N.
PY - 2018
SP - 234
EP - 245
DO - 10.5220/0006868604000411

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.