2011 IEEE 24th Computer Security Foundations Symposium (2011)
June 27, 2011 to June 29, 2011
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSF.2011.17
Hybrid information-flow monitors use a combination of static analysis and dynamic mechanisms to provide precise strong information security guarantees. However, unlike purely static mechanisms for information security, hybrid information-flow monitors incur run-time overhead. We show how static analyses can be used to make hybrid information-flow monitors more efficient, in two ways. First, a simple static analysis can determine when it is sound for a monitor to stop tracking the security level of certain variables. This potentially reduces run-time overhead of the monitor, particularly in applications where sensitive (i.e., confidential or untrusted) data is infrequently introduced to the system. Second, we derive sufficient conditions for soundly incorporating a wide range of memory abstractions into information-flow monitors. This allows the selection of a memory abstraction that gives an appropriate tradeoff between efficiency and precision. It also facilitates the development of innovative and sound memory abstractions that use run-time security information maintained by the monitor. We present and prove our results by extending the information-flow monitor of Russo and Sabelfeld (2010). These results bring us closer to efficient, sound, and precise enforcement of information security.
information-flow control, hybrid information-flow monitors, dynamic information-flow monitors
S. Chong and S. Moore, "Static Analysis for Efficient Hybrid Information-Flow Control," 2011 IEEE 24th Computer Security Foundations Symposium(CSF), Cernay-la-Ville, France, 2011, pp. 146-160.