
A Declassification Mechanism for Programs Based on Reachability Analysis of Pushdown Systems (cited by: 1)

Declassification Enforcement on Program with Reachability Analysis of Pushdown System
Abstract: This study proposes a verification mechanism, based on reachability analysis of pushdown systems, to enforce existing declassification policies of language-based information flow security. The pushdown rules of the store and match primitives are embedded in the abstract model after compact self-composition, so that reachability analysis of the illegal-flow state in the resulting model serves to verify program security under different declassification policies: the security property with respect to a given declassification policy is violated when the illegal-flow state is reached in the pushdown system. The experimental results show higher precision compared with the type-based mechanisms, and higher efficiency compared with the RNI-enforcement based on automated verification.
Source: Journal of Software (《软件学报》; indexed in EI, CSCD, PKU Core), 2012, No. 8, pp. 2149-2162 (14 pages)
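Funding: National Natural Science Foundation of China (60773163, 60821003, 60872041, 60911140102); Major Special Project of the Ministry of Science and Technology of China (2011ZX03005-002); Fundamental Research Funds for the Central Universities (JY100009030 01); Equipment Pre-research Foundation (9140A15040210HK6101)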
Keywords: information flow security; declassification; pushdown system; automated verification; program analysis