Dynamic label binding at run-time

Information flow control allows enforcement of end-to-end confidentiality policies but has been difficult to put into practice. This paper introduces a pragmatic new approach that tracks information flow while the process is running and, at the same time, applies dynamic label binding. The underlying implementation mechanism uses machine code instruction stream modification to track individual data movements and manipulations within the address space of an application. This makes it possible to determine precisely all operations that cause information flow and to apply controls that do not overly restrict what computations can be performed.
