Information-flow aware virtual machines: Foundations for trustworthy computing

Proceedings - Cybersecurity Applications and Technology Conference for Homeland Security, CATCH 2009

Volumn , Issue , 2009, Pages 91-96

  Franz, Michael ^a  

^a Irvine   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

APPLICATION PROGRAMS; INFORMATION FLOWS; RUNTIME; SOFTWARE SYSTEMS; TRUSTED COMPUTING BASIS; TRUSTWORTHY COMPUTING; VIRTUAL MACHINES;

COMPUTER SOFTWARE;

EID: 66249098852     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CATCH.2009.45     Document Type: Conference Paper

References (29)

1. M. Abadi, B. Lampson, and J.-J. Levy. Analysis and caching of dependencies. In ICFP '96: Proceedings of the First ACM SIGPLAN International Conference on Functional Programming, pages 83-91, 1996. (Pubitemid 126669211)
2. J.-P. Banâtre and C. Bryce. Information flow control in a parallel language framework. In CSFW '93: Proceedings of the 6th IEEE Computer Security Foundations Workshop, pages 39-52, 1993.
3. A. Banerjee and D. A. Naumann. Secure information flow and pointer confinement in a java-like language. In CSFW '02: Proceedings of the 15th IEEE Computer Security Foundations Workshop, pages 253-267, 2002.
4. H. Barendregt. The Lambda Calculus, Its Syntax and Semantics. North-Holland, 1984.
5. D. Bell and L. LaPadula. Secure computer systems: mathematical foundations. Report MTR 2547 v2, MITRE, November 1973.
6. C. Bernardeschi, N. D. Francesco, and G. Lettieri. Using standard verifier to check secure information flow in java bytecode. In COMPSAC '02: Proceedings of the 26th International Computer Software and Applications Conference, pages 850-855, 2002.
7. C. Bodei, P. Degano, F. Nielson, and H. Riis Nielson. Static analysis for the-calculus with applications to security. Information and Computation, 168:68-92, 2001.
8. D. Chandra and M. Franz. Fine-grained information flow analysis and enforcement in a Java virtual machine. In 23rd Annual Computer Security Applications Conference (ACSAC 2007), pages 463-474. IEEE Computer Society Publications, December 2007.
9. D. E. Denning. A lattice model of secure information flow. Communications of the ACM, 19(5):236-243, 1976.
10. D. E. Denning and P. J. Denning. Certification of programs for secure information flow. Communications of the ACM, 20(7):504-513, 1977.
11. U. Erlingsson and F. B. Schneider. SASI Enforcement of Security Policies: A Retrospective. In New Security Paradigms Workshop, pages 87-95, Ontario, Canada, 22-24 1999. ACM SIGSAC, ACM Press.
12. D. Evans and D. Larochelle. Improving security using extensible lightweight static analysis. IEEE Software, Jan/Feb, 2002. (Pubitemid 34069369)
13. R. J. Feiertag, K. N. Levitt, and L. Robinson. Proving multilevel security of a system design. In SOSP '77: Proceedings of the sixth ACM symposium on Operating systems principles, pages 57-65, 1977.
14. J. Fenton. Information Protection Systems. PhD thesis, University of Cambridge, England, 1973.
15. M. Franz. Containing the ultimate Trojan Horse. IEEE Security and Privacy, 5(4):64-68, July 2007. (Pubitemid 47274800)
16. M. Franz. Eliminating trust from application programs by way of software architecture. In Proceedings of Software Engineering 2008 (SE 2008), number 121 in Lecture Notes in Informatics, pages 112-126, February 2008.
17. V. Haldar, D. Chandra, and M. Franz. Dynamic taint propagation for Java. In Twenty-First Annual Computer Security Applications Conference (ACSAC 2005), pages 274- 282. IEEE Computer Society Publications, December 2005. (Pubitemid 46116486)
18. N. Heintze and J. G. Riecke. The SLam calculus: programming with secrecy and integrity. In POPL '98: Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pages 365-377, 1998.
19. Y.-W. Huang, F. Yu, C. Hang, C.-H. Tsai, D.-T. Lee, and S.-Y. Kuo. Securing web application code by static analysis and runtime protection. In WWW '04: Proceedings of the 13th international World Wide Web conference, pages 40- 52, 2004.
20. P. A. Karger, T. E. Leonard, and A. H. Mason. Computer with virtual machine mode and multiple protection rings, U.S. Patent No. 4787031, November 1988.
21. J. K. Millen. Information flow analysis of formal specifications. In SP '81: Proceedings of the 1981 IEEE Symposium on Security and Privacy, page 3, 1981.
22. M. Mizuno and D. A. Schmidt. A security flow control algorithm and its denotational semantics correctness proof. Formal Aspects of Computing, 4(6A):727-754, 1992.
23. A. C. Myers. JFlow: Practical mostly-static information flow control. In Symposium on Principles of Programming Languages, pages 228-241, 1999.
24. A. C. Myers. Mostly-static decentralized information flow control. PhD thesis, Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1999.
25. R. Rhode. Secure multilevel virtual computer systems. Technical Report ESD-TR-74-370, MITRE Corp., Bedford, Massachussetts, 1975.
26. U. Shankar, K. Talwar, J. S. Foster, and D. Wagner. Detecting format string vulnerabilities with type qualifiers. In 10th USENIX Security Symposium, pages 201-220, 2001.
27. N. Vachharajani, M. J. Bridges, J. Chang, R. Rangan, G. Ottoni, J. A. Blome, G. A. Reis, M. Vachharajani, and D. I. August. Rifle: An architectural framework for user-centric information-flow security. In 37th International Symposium on Microarchitecture, December 2004.
28. D. Volpano, G. Smith, and C. Irvine. A sound type system for secure flow analysis. Journal of Computer Security, 4(3):167-187, 1996.
29. C. Weissman. Secure computer operation with virtual machine partitioning. In National Computer Conference, May 19-22, 1975, Anaheim, California, pages 929-934, 1975.