Channels: Runtime System Infrastructure for Security-Typed Languages

Miami Beach, Florida, USA December 10-December 14

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ACSAC.2007.35

Twenty-Third Annual Computer Security ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Boniface Hicks Articles by Tim Misiak Articles by Patrick McDaniel

	ASCII Text	x
	Boniface Hicks, Tim Misiak, Patrick McDaniel, "Channels: Runtime System Infrastructure for Security-Typed Languages," Computer Security Applications Conference, Annual, pp. 443-452, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007), 2007.

	BibTex	x
	@article{ 10.1109/ACSAC.2007.35, author = {Boniface Hicks and Tim Misiak and Patrick McDaniel}, title = {Channels: Runtime System Infrastructure for Security-Typed Languages}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2007}, issn = {1063-9527}, pages = {443-452}, doi = {http://doi.ieeecomputersociety.org/10.1109/ACSAC.2007.35}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - Channels: Runtime System Infrastructure for Security-Typed Languages SN - 1063-9527 SP443 EP452 A1 - Boniface Hicks, A1 - Tim Misiak, A1 - Patrick McDaniel, PY - 2007 VL - 0 JA - Computer Security Applications Conference, Annual ER -

Boniface Hicks

Tim Misiak

Patrick McDaniel

Security-typed languages (STLs) are powerful tools for provably implementing policy in applications. The pro- grammer maps policy onto programs by annotating types with information flow labels, and the STL compiler guaran- tees that data always obeys its label as it flows within an application. As data flows into or out of an application, however, a runtime system is needed to mediate between the information flow world within the application and the non-information flow world of the operating system. In the few existing STL applications, this problem has been han- dled in ad hoc ways that hindered software engineering and security analysis. In this paper, we present a principled ap- proach to STL runtime system development along with pol- icy infrastructure and class abstractions for the STL, Jif, that implement these principles. We demonstrate the ef- fectiveness of our approach by using our infrastructure to develop a firewall application, FLOWWALL, that provably enforces its policy.

Citation:

Boniface Hicks, Tim Misiak, Patrick McDaniel, "Channels: Runtime System Infrastructure for Security-Typed Languages," acsac, pp.443-452, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.