Geodesic
A Translator with a Security Static Analysis Feature of an Information Flow for a Simple Programming Language
Modelirovanie i analiz informacionnyh sistem, Tome 21 (2014) no. 4, pp. 5-12.

Voir la notice de l'article provenant de la source Math-Net.Ru

We consider while-language programs with variables of two security types: low and high. Security static analysis of information flows of such programs identifies insecure information flows which can cause leaks. Semantic rules of such an analysis which was proposed in [6] assign security types for expressions, operators and compositions of operators. We use these rules to propose an algorithm of security static analysis to discover a security type of the program under consideration. If such a type can be assigned, information flows of the program are secure; otherwise, it contains insecure information flows. We have used flex and bison [5] tools to implement a translator for a while-language into the MMIX computer [2] instruction sequence.
Keywords: language security, static analysis, information flow. 
@article{MAIS_2014_21_4_a0,
     author = {E. Ju. Antoshina and A. N. Barakova and E. S. Nikitin and D. Ju. Chalyy},
     title = {A {Translator} with a {Security} {Static} {Analysis} {Feature} of an {Information} {Flow} for a {Simple} {Programming} {Language}},
     journal = {Modelirovanie i analiz informacionnyh sistem},
     pages = {5--12},
     publisher = {mathdoc},
     volume = {21},
     number = {4},
     year = {2014},
     language = {ru},
     url = {http://geodesic.mathdoc.fr/item/MAIS_2014_21_4_a0/}
}
TY  - JOUR
AU  - E. Ju. Antoshina
AU  - A. N. Barakova
AU  - E. S. Nikitin
AU  - D. Ju. Chalyy
TI  - A Translator with a Security Static Analysis Feature of an Information Flow for a Simple Programming Language
JO  - Modelirovanie i analiz informacionnyh sistem
PY  - 2014
SP  - 5
EP  - 12
VL  - 21
IS  - 4
PB  - mathdoc
UR  - http://geodesic.mathdoc.fr/item/MAIS_2014_21_4_a0/
LA  - ru
ID  - MAIS_2014_21_4_a0
ER  - 
%0 Journal Article
%A E. Ju. Antoshina
%A A. N. Barakova
%A E. S. Nikitin
%A D. Ju. Chalyy
%T A Translator with a Security Static Analysis Feature of an Information Flow for a Simple Programming Language
%J Modelirovanie i analiz informacionnyh sistem
%D 2014
%P 5-12
%V 21
%N 4
%I mathdoc
%U http://geodesic.mathdoc.fr/item/MAIS_2014_21_4_a0/
%G ru
%F MAIS_2014_21_4_a0
E. Ju. Antoshina; A. N. Barakova; E. S. Nikitin; D. Ju. Chalyy. A Translator with a Security Static Analysis Feature of an Information Flow for a Simple Programming Language. Modelirovanie i analiz informacionnyh sistem, Tome 21 (2014) no. 4, pp. 5-12. http://geodesic.mathdoc.fr/item/MAIS_2014_21_4_a0/

[1] Devyanin P. N., Modeli bezopasnosti kompjuternyx sistem, Uchebnoe posobie dlja studentov vysshix uchebnyx zavedenii, Akademija, M., 2005, 144 pp. (in Russian)

[2] D. E. Knuth, The Art of Computer Programming, v. 1, Newly available sections of the classic work, 1, MMIX — A RISC Computer for the New Millenium, Addison-Wesley Professional, 2005, 144 pp. | MR

[3] D. Grune, C. J. H. Jacobs, Parsing Techniques. A Practical Guide, 2nd ed., Springer, 2008, 664 pp.

[4] C. A. R. Hoare, “An Axiomatic Basis for Computer Programming”, Communications of the ACM, 12:10 (1969), 576–580 | DOI | Zbl

[5] J. Levine, Flex bison, O'Reilly Media, 2009, 292 pp.

[6] A. Sabelfeld, A. C. Myers, “Language-Based Information-Flow Security”, IEEE Journal on Selected Areas in Communications, 21 (2003), 5–19 | DOI

[7] SWHILE — while-language translator with security types, (Data dostupa: 22.04.2014) https://bitbucket.org/kafti/swhile