Access Restriction

Author Chandra, D. ♦ Franz, M.
Source IEEE Xplore Digital Library
Content type Text
Publisher Institute of Electrical and Electronics Engineers, Inc. (IEEE)
File Format PDF
Copyright Year ©2007
Language English
Subject Domain (in DDC) Computer science, information & general works ♦ Data processing & computer science
Subject Keyword Information analysis ♦ Java ♦ Virtual machining ♦ Information security ♦ Protection ♦ Safety ♦ Automata ♦ Invasive software ♦ Computer security ♦ Application software
Abstract We have implemented an information flow framework for the Java virtual machine that combines static and dynamic techniques to capture not only explicit flows, but also implicit ones resulting from control flow. Unlike other approaches that freeze policies at time of compilation, our system truly separates policy and enforcement mechanism and thereby permits policy changes even while a program is running. Ahead of execution, we run a static analysis that annotates an executable with information-flow information. During execution, we then use the annotations to safely update the labels of variables that lie in alternative paths of execution while enforcing the policy currently in place. Our framework doesn't require access to source code and is fully backward-compatible with existing Java class files. Preliminary benchmark results suggest that the run-time overhead of information flow techniques such as ours is well within acceptable range for many application domains.
Description Author affiliation: Univ. of California, Oakland (Chandra, D.; Franz, M.)
ISBN 9780769530604
ISSN 10639527
Educational Role Student ♦ Teacher
Age Range above 22 year
Educational Use Research ♦ Reading
Education Level UG and PG
Learning Resource Type Article
Publisher Date 2007-12-10
Publisher Place USA
Rights Holder Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Size (in Bytes) 575.67 kB
Page Count 13
Starting Page 463
Ending Page 475

Source: IEEE Xplore Digital Library