Noninterference in the Presence of Non-Opaque Pointers

Venice, Italy July 05-July 07

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/CSFW.2006.19

19th IEEE Computer Security Foundatio ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Daniel Hedin Articles by David Sands

	ASCII Text	x
	Daniel Hedin, David Sands, "Noninterference in the Presence of Non-Opaque Pointers," Computer Security Foundations Workshop, IEEE, pp. 217-229, 19th IEEE Computer Security Foundations Workshop (CSFW'06), 2006.

	BibTex	x
	@article{ 10.1109/CSFW.2006.19, author = {Daniel Hedin and David Sands}, title = {Noninterference in the Presence of Non-Opaque Pointers}, journal ={Computer Security Foundations Workshop, IEEE}, volume = {0}, year = {2006}, issn = {1063-6900}, pages = {217-229}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSFW.2006.19}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Foundations Workshop, IEEE TI - Noninterference in the Presence of Non-Opaque Pointers SN - 1063-6900 SP217 EP229 A1 - Daniel Hedin, A1 - David Sands, PY - 2006 KW - null VL - 0 JA - Computer Security Foundations Workshop, IEEE ER -

Daniel Hedin, Chalmers University of Technology, Sweden

David Sands, Chalmers University of Technology, Sweden

A common theoretical assumption in the study of information flow security in Java-like languages is that pointers are opaque - i.e., that the only properties that can be observed of pointers are the objects to which they point, and (at most) their equality. These assumptions often fail in practice. For example, various important operations in Java?s standard API, such as hashcodes or serialization, might break pointer opacity. As a result, information-flow static analyses which assume pointer opacity risk being unsound in practice, since the pointer representation provides an unchecked implicit leak. We investigate information flow in the presence of non-opaque pointers for an imperative language with records, pointer instructions and exceptions, and develop an information flow aware type system which guarantees noninterference.

Citation:

Daniel Hedin, David Sands, "Noninterference in the Presence of Non-Opaque Pointers," csfw, pp.217-229, 19th IEEE Computer Security Foundations Workshop (CSFW'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.