Automating information flow control in component-based distributed systems

CompArch'11 - Proceedings of the 2011 Federated Events on Component-Based Software Engineering and Software Architecture - CBSE'11

Volumn , Issue , 2011, Pages 73-82

  Abdellatif, Takoua ^a   Sfaxi, Lilia ^b,c   Robbana, Riadh ^b,d   Lakhnech, Yassine ^c,e  

^a UNIVERSITY OF SOUSSE   (Tunisia)

^b LIP2 Laboratory   (Tunisia)

^c VERIMAG   (France)

^d UNIVERSITY OF CARTHAGE   (Tunisia)

^e UNIV GRENOBLE ALPES   (France)

Author keywords

component based distributed system; information flow control; secure system configuration and deployment

Indexed keywords

COMPONENT BASED; DISTRIBUTED SYSTEMS; INFORMATION FLOW CONTROL; INFORMATION FLOWS; PERFORMANCE EVALUATION; POLICY CONFIGURATIONS; SECURE SYSTEM CONFIGURATION AND DEPLOYMENT; SECURITY CODES; SECURITY LEAK; SECURITY PROPERTIES; SYSTEM SECURITY;

FLOW CONTROL; SECURITY SYSTEMS; SOFTWARE ARCHITECTURE;

NETWORK SECURITY;

EID: 79960535780     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2000229.2000241     Document Type: Conference Paper

References (32)

1. Object security site, 2001. http://www.objectsecurity.com.
2. Jif web site, 2002. http://www.cs.cornell.edu/jif/.
3. Software metrics eclipse plugin, 2003. http://metrics.sourceforge.net.
4. Yourkit java profiler, 2005. http://www.yourkit.com/.
5. Enhancing IT Security with Trusted Computing Group, November 2006. Dell Power Solutions.
6. OSOA web site, 2007. http://www.osoa.org/.
7. The Trusted Platform Module, March 2009. https://www. trustedcomputinggroup.org/.
8. P. Adão and C. Fournet. Cryptographically sound implementations for communicating processes. In ICALP (2), pages 83-94. Springer, 2006.
9. D. Basin, J. Doser, and T. Lodderstedt. Model driven security: From uml models to access control infrastructures. ACM Trans. Softw. Eng. Methodol., 15(1):39-91, 2006.
10. M. Beisiegel, H. Blohm, D. Booz, M. Edwards, O. Hurley, S. Ielceanu, A. Miller, A. Karmarkar, A. Malhotra, and J. Marino. SCA service component architecture-assembly model specification. SCA Version 0.9, November, 2005.
11. D. E. Bell and L. J. LaPadula. Secure computer system: Unified exposition and multics interpretation. Technical Report ESD-TR-75-306, MITRE Corp. MTR-2997, Bedford, MA, 1975. Available at NTIS AD-A023 588.
12. K. J. Biba. Integrity considerations for secure computer systems. Technical report, USAF Electronic Systems Division, Bedford, MA, 1977.
13. L. Chmielewski, R. Brinkman, J.-H. Hoepman, and B. Bos. Using jason to secure soa. In Middleware Security, pages 13-18, 2008.
14. S. Chong, K. Vikram, and A. C. Myers. Sif: Enforcing confidentiality and integrity in web applications. In Proceedings of the 16th USENIX Security Symposium, pages 1-16, August 2007.
15. J. Courant, C. Ene, and Y. Lakhnech. Computationally sound typing for non-interference: the case of deterministic encryption. In Proceedings of the 27th international conference on Foundations of software technology and theoretical computer science, FSTTCS'07, pages 364-375, Berlin, Heidelberg, 2007. Springer-Verlag.
16. D. E. Denning and P. J. Denning. Certification of programs for secure information flow. Commun. ACM, 20(7):504-513, 1977.
17. P. Efstathopoulosssssssssssssss, M. Krohn, S. VanDeBogart, C. Frey, D. Ziegler, E. Kohler, D. Mazières, F. Kaashoek, and R. Morris. Labels and event processes in the asbestos operating system. SIGOPS Oper. Syst. Rev., 39(5):17-30, 2005. (Pubitemid 44892202)
18. D. M. Eyers, B. Roberts, J. Bacon, I. Papagiannis, M. Migliavacca, P. Pietzuch, and B. Shand. Event-processing middleware with information flow control. In Middleware '09: Proceedings of the 10th ACM/IFIP/USENIX International Conference on Middleware, pages 1-2, New York, NY, USA, 2009. Springer-Verlag New York, Inc.
19. C. Fournet, G. Le Guernic, and T. Rezk. A security-preserving compiler for distributed programs: from information-flow policies to cryptographic mechanisms. In CCS '09: Proceedings of the 16th ACM conference on Computer and communications security, pages 432-441, New York, USA, 2009. ACM.
20. C. Fournet and T. Rezk. Cryptographically sound implementations for typed information-flow security. In POPL, pages 323-335. ACM, 2008.
21. J. A. Goguen and J. Meseguer. Security policies and security models. In IEEE Symposium on Security and Privacy, pages 11-20, 1982.
22. N. Heintze and J. G. Riecke. The slam calculus: Programming with secrecy and integrity. In POPL, pages 365-377, 1998.
23. M. Krohn, A. Yip, M. Brodsky, N. Cliffer, M. F. Kaashoek, E. Kohler, and R. Morris. Information flow control for standard os abstractions. SIGOPS Oper. Syst. Rev., 41(6):321-334, 2007.
24. P. Laud. Semantics and program analysis of computationally secure information flow. In Proceedings of the 10th European Symposium on Programming Languages and Systems, ESOP '01, pages 77-91, London, UK, 2001. Springer-Verlag.
25. P. Laud. On the computational soundness of cryptographically masked flows. In Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages, POPL '08, pages 337-348, New York, NY, USA, 2008. ACM.
26. N. Nystrom, M. R. Clarkson, and A. C. Myers. Polyglot: An extensible compiler framework for java. In In 12th International Conference on Compiler Construction, pages 138-152. Springer-Verlag, 2003.
27. A. Sabelfeld and D. Sands. Declassification: Dimensions and principles. In Proceedings of the 18th IEEE Workshop on Computer Security Foundations (CSFWŠ05), pages 255-269, 2005.
28. D. M. Volpano, C. E. Irvine, and G. Smith. A sound type system for secure flow analysis. Journal of Computer Security, 4(2/3):167-188, 1996.
29. S. Zdancewic. Challenges for information-flow security. In Proceedings of the 1st International Workshop on the Programming Language Interference and Dependence (PLIDŠ04). Citeseer, 2004.
30. S. Zdancewic, L. Zheng, N. Nystrom, and A. C. Myers. Secure program partitioning. ACM Trans. Comput. Syst., 20(3):283-328, 2002.
31. N. Zeldovich, S. Boyd-Wickizer, E. Kohler, and D. Mazières. Making information flow explicit in histar. In OSDI '06: Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation, pages 19-19, Berkeley, CA, USA, 2006. USENIX Association.
32. N. Zeldovich, S. B. Wickizer, and D. Mazières. Securing distributed systems with information flow control. In NSDI'08: Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation, pages 293-308, Berkeley, CA, USA, 2008. USENIX Association.