A Translator with a Security Static Analysis Feature of an Information Flow for a Simple Programming Language

E. Ju. Antoshina; A. N. Barakova; E. S. Nikitin; D. Ju. Chalyy

Geodesic

Parcourir par

A Translator with a Security Static Analysis Feature of an Information Flow for a Simple Programming Language

E. Ju. Antoshina ; A. N. Barakova ; E. S. Nikitin ; D. Ju. Chalyy

Modelirovanie i analiz informacionnyh sistem, Tome 21 (2014) no. 4, pp. 5-12

Voir la notice de l'article provenant de la source Math-Net.Ru

Résumé

We consider while-language programs with variables of two security types: low and high. Security static analysis of information flows of such programs identifies insecure information flows which can cause leaks. Semantic rules of such an analysis which was proposed in [6] assign security types for expressions, operators and compositions of operators. We use these rules to propose an algorithm of security static analysis to discover a security type of the program under consideration. If such a type can be assigned, information flows of the program are secure; otherwise, it contains insecure information flows. We have used flex and bison [5] tools to implement a translator for a while-language into the MMIX computer [2] instruction sequence.

Keywords: language security, static analysis, information flow.

@article{MAIS_2014_21_4_a0,
     author = {E. Ju. Antoshina and A. N. Barakova and E. S. Nikitin and D. Ju. Chalyy},
     title = {A {Translator} with a {Security} {Static} {Analysis} {Feature} of an {Information} {Flow} for a {Simple} {Programming} {Language}},
     journal = {Modelirovanie i analiz informacionnyh sistem},
     pages = {5--12},
     publisher = {mathdoc},
     volume = {21},
     number = {4},
     year = {2014},
     language = {ru},
     url = {http://geodesic.mathdoc.fr/item/MAIS_2014_21_4_a0/}
}

TY  - JOUR
AU  - E. Ju. Antoshina
AU  - A. N. Barakova
AU  - E. S. Nikitin
AU  - D. Ju. Chalyy
TI  - A Translator with a Security Static Analysis Feature of an Information Flow for a Simple Programming Language
JO  - Modelirovanie i analiz informacionnyh sistem
PY  - 2014
SP  - 5
EP  - 12
VL  - 21
IS  - 4
PB  - mathdoc
UR  - http://geodesic.mathdoc.fr/item/MAIS_2014_21_4_a0/
LA  - ru
ID  - MAIS_2014_21_4_a0
ER  -

%0 Journal Article
%A E. Ju. Antoshina
%A A. N. Barakova
%A E. S. Nikitin
%A D. Ju. Chalyy
%T A Translator with a Security Static Analysis Feature of an Information Flow for a Simple Programming Language
%J Modelirovanie i analiz informacionnyh sistem
%D 2014
%P 5-12
%V 21
%N 4
%I mathdoc
%U http://geodesic.mathdoc.fr/item/MAIS_2014_21_4_a0/
%G ru
%F MAIS_2014_21_4_a0

E. Ju. Antoshina; A. N. Barakova; E. S. Nikitin; D. Ju. Chalyy. A Translator with a Security Static Analysis Feature of an Information Flow for a Simple Programming Language. Modelirovanie i analiz informacionnyh sistem, Tome 21 (2014) no. 4, pp. 5-12. http://geodesic.mathdoc.fr/item/MAIS_2014_21_4_a0/