| Autor: |
Jens Van der Plas, Jens Nicolay, Wolfgang De Meuter, Coen De Roover |
| Přispěvatelé: |
Software Languages Lab, Informatics and Applied Informatics, Faculty of Sciences and Bioengineering Sciences |
| Jazyk: |
angličtina |
| Rok vydání: |
2023 |
| Předmět: |
|
| Popis: |
Information Flow Control is important for securing applications, primarily to preserve the confidentiality and integrity of applications and the data they process. Statically determining the flows of information for security purposes helps to secure applications early in the development pipeline. However, a sound and precise static analysis is difficult to scale. Modular static analysis is a technique for improving the scalability of static analysis. In this paper, we present an approach for constructing a modular static analysis for performing Information Flow Control for higher-order, imperative programs. A modular analysis requires information about data dependencies between modules. These dependencies arise as a result of information flows between modules, and therefore we piggy-back an Information Flow Control analysis on top of an existing modular analysis. Additionally, the resulting modular Information Flow Control analysis retains the benefits of its modular character. We validate our approach by performing an Information Flow Control analysis on 9 synthetic benchmark programs that contain both explicit and implicit information flows. |
| Databáze: |
OpenAIRE |
| Externí odkaz: |
|
