A Virtual Machine Based Information Flow Control System for Policy Enforcement

Electronic Notes in Theoretical Computer Science

Volumn 197, Issue 1, 2008, Pages 3-16

  Nair, Srijith K ^a   Simpson, Patrick N D ^a   Crispo, Bruno ^a,b   Tanenbaum, Andrew S ^a  

^a VU UNIVERSITY AMSTERDAM   (Netherlands)

^b UNIVERSITY OF TRENTO   (Italy)

Author keywords

Information Flow; Policy Enforcement; Run time Monitoring

Indexed keywords

COMPUTER ARCHITECTURE; COMPUTER CONTROL; JAVA PROGRAMMING LANGUAGE;

INFORMATION FLOW; POLICY ENFORCEMENT; RUN-TIME MONITORING;

FLOW CONTROL;

EID: 39149090024     PISSN: 15710661     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.entcs.2007.10.010     Document Type: Article

References (22)

1. R. Sailer, X. Zhang, T. Jaeger, L. van Doorn, Design and Implementation of a TCG-based Integrity Measurement Architecture, 13th Usenix Security Symposium, San Diego, California, August 2004
2. Denning D.E. A lattice model of secure information flow. Communications of the ACM 19 5 (1976) 236-243
3. Fenton J.S. An abstract computer model demonstrating directional information flow (1974), University of Cambridge
4. Denning D.E., and Denning P.J. Certification of programs for secure information flow. Communications of the ACM 20 7 (1977) 504-513
5. N. Zeldovich, S. Boyd-Wickizer, E. Kohler, and D. Mazieres, Making information flow explicit in HiStar, Proc. 7th Symposium on Operating Systems Design and Implementation, pp. 263-278, 2006
6. Gong L. Inside Java 2 Platform Security: Architecture, API Design, and Implementation. The Java Series (1999), Addison-Wesley, Reading, MA, USA
7. Kaffe.org (2007). http://www.kaffe.org/
8. Sabelfeld A., and Myers A.C. Language-based information-flow security. IEEE Journal on Selected Areas in Communications 21 1 (2003) 5-19
9. E. Gluzberg and S. Fink, An Evaluation of Java System Services with Microbenchmarks, IBM Research Report RC 21715 2/3/2000, 2000
10. Free Software Foundation. GNU Classpath (2007). http://www.gnu.org/software/classpath/
11. J.S. Fenton, Information protection systems, PhD. Thesis, University of Cambridge, 1973
12. I. Gat and H.J. Saal, Memoryless execution: a programmer's viewpoint, IBM Tech. Rep. 025, IBM Israeli Scientific Center, 1975
13. J. Brown and T.F. King Jr, A Minimal Trusted Computing Base for Dynamically Ensuring Secure Information Flow, Tech. Report ARIES-TM-015, MIT, 2001
14. D.E. Denning, Secure information flow in computer systems, Ph.D. Thesis, Purdue U., CSD TR 145, 1975
15. N. Vachharajani, M.J. Bridges, J. Chang, R. Rangan, G. Ottoni, J.A. Blome, G.A. Reis, M. Vachharajani and D.I. August, RIFLE: An Architectural Framework for User-Centric Information-Flow Security, Proceedings of the 37th International Symposium on Microarchitecture, 2004
16. Y. Beres, C.I. Dalton, Dynamic label binding at run-time, Proceedings of the 2003 Workshop on New security paradigms, pp. 39-46, 2003
17. D. Chandra, Information Flow Analysis and Enforcement in Java Bytecode, Ph.D. Thesis, University of California, Irvine, 2006
18. V. Haldar, D. Chandra and M. Franz, Practical, Dynamic Information Flow for Virtual Machines, 2nd International Workshop on Programming Language Interference and Dependence, 2005
19. U. Erlingsson, The inlined reference monitor approach to security policy enforcement, Ph.D. Thesis, Cornell U., 2004
20. Schneider F.B. Enforceable security properties. ACM Transactions on Information and Systems Security 3 1 (2000) 30-50
21. J. Newsome and D.X. Song, Dynamic Taint Analysis for Automatic Detection, Analysis and Signature Generation of Exploits on Commodity Software, 12th Network and Distributed System Security Symposium, 2005
22. A.C. Myers, JFlow: Practical Mostly-Static Information Flow Control, Proceedings of the 26th ACM Symposium on Principles of Programming Languages (POPL), pp. 228-241, San Antonio, Texas, 1999