Go home now Header Background Image
Submission Procedure
share: |
Follow us
Volume 22 / Issue 7

available in:   PDF (340 kB) PS (1 MB)
Similar Docs BibTeX   Write a comment
Links into Future
DOI:   10.3217/jucs-022-07-0956


Rewriting-Based Enforcement of Noninterference in Programs with Observable Intermediate Values

Afshin Lamei (Amirkabir University of Technology (Tehran Polytechnic), Iran)

Mehran S. Fallah (Amirkabir University of Technology (Tehran Polytechnic), Iran)

Abstract: Program rewriting is defined as transforming a given program into one satisfying some intended properties. This technique has recently been suggested as a means for enforcing security policies. In this paper, we propose rewriting mechanisms based on program dependence graphs to enforce noninterference in programs with observable intermediate values. We first formulate progress-insensitive and progress-sensitive noninterference for the programs of a model language. Then, we give rewriting mechanisms that correctively enforce such policies. The notion of corrective enforcement is also introduced. It is indeed a realization of transparent rewriting in which the good behaviors of the program are preserved irrespective of whether the program is secure or not. Unlike purely static mechanisms, our rewriting mechanisms allow tracking those points on dependence graphs that are actually traversed at run-time, thereby achieving transparency. The rewriting-based enforcement of noninterference also obviates the need for changing the run-time system, something that cannot be avoided in dynamic enforcement mechanisms. The proposed rewriters are provably sound and transparent for the class of programs whose loops can be analyzed for termination and any dependency in their dependence graphs definitely reflects the existence of a flow.

Keywords: corrective enforcement, noninterference, program dependence graphs, program rewriting

Categories: D.4.6, F.3.1, F.4