TY - JOUR
T1 - Hybrid static-runtime information flow and declassification enforcement
AU - Pontes Soares Rocha, B.
AU - Conti, M.
AU - Etalle, S.
AU - Crispo, B.
PY - 2013
Y1 - 2013
N2 - There are different paradigms for enforcing information flow and declassification policies. These approaches can be divided into static analyzers and runtime enforcers. Each class has its own strengths and weaknesses, each being able to enforce a different set of policies. In this paper we introduce a hybrid static-runtime enforcement mechanism that works on unannotated program code and supports information-flow control, as well as declassification policies. Our approach manages to enforce realistic policies, as shown by our three running examples, all within the context of a mobile device application, which cannot be handled separately by static or runtime approaches, and are also not covered by current access control models of mobile platforms such as Android or iOS. We also show that including an intermediate step (called pre-load check) makes both the static analysis system independent (in terms of security labels) and the runtime enforcer lightweight. Finally, we implement our runtime enforcer and run experiments that show that its overhead is so low that the approach can be rolled out on current mobile systems.
Keywords: Data security, information security.
AB - There are different paradigms for enforcing information flow and declassification policies. These approaches can be divided into static analyzers and runtime enforcers. Each class has its own strengths and weaknesses, each being able to enforce a different set of policies. In this paper we introduce a hybrid static-runtime enforcement mechanism that works on unannotated program code and supports information-flow control, as well as declassification policies. Our approach manages to enforce realistic policies, as shown by our three running examples, all within the context of a mobile device application, which cannot be handled separately by static or runtime approaches, and are also not covered by current access control models of mobile platforms such as Android or iOS. We also show that including an intermediate step (called pre-load check) makes both the static analysis system independent (in terms of security labels) and the runtime enforcer lightweight. Finally, we implement our runtime enforcer and run experiments that show that its overhead is so low that the approach can be rolled out on current mobile systems.
Keywords: Data security, information security.
U2 - 10.1109/TIFS.2013.2267798
DO - 10.1109/TIFS.2013.2267798
M3 - Article
SN - 1556-6013
VL - 8
SP - 1294
EP - 1305
JO - IEEE Transactions on Information Forensics and Security
JF - IEEE Transactions on Information Forensics and Security
IS - 8
ER -