HOME | DEUTSCH | IMPRESSUM | KIT

Conference Papers: Information Flow Analysis via Path Condition Refinement

[taghdiri10fast]Mana Taghdiri, Gregor Snelting, Carsten Sinz, Information Flow Analysis via Path Condition Refinement, International Workshop on Formal Aspects of Security and Trust, September 2010.

Abstract

We present a new approach to information flow control(IFC), which exploits counterexample-guided abstraction refinement (CEGAR) technology. The CEGAR process is built on top of our existing IFC analysis in which illegal flows are characterized using program dependence graphs (PDG) and path conditions (as described in [13]). Although path conditions provide an already precise abstraction that can be used to generate witnesses to the illegal flow, they may still cause false alarms. Our CEGAR process recognizes false witnesses by executing them and monitoring their executions, and eliminates them by automatically refining path conditions in an iterative way as needed. The paper sketches the foundations of CEGAR and PDG-based IFC, and describes the approach in detail. An example shows how the approach finds illegal flow, and demonstrates how CEGAR eliminates false alarms.

Download

  [PDF]

BibTeX

Authors at the institute

Department Head
Prof. Gregor Snelting

Projects

Project
IFC for Mobile Components
VALSOFT/Joana