Sciweavers

CSFW
2006
IEEE

Noninterference in the Presence of Non-Opaque Pointers

14 years 5 months ago
Noninterference in the Presence of Non-Opaque Pointers
A common theoretical assumption in the study of information flow security in Java-like languages is that pointers are opaque – i.e., that the only properties that can be observed of pointers are the objects to which they point, and (at most) their equality. These assumptions often fail in practice. For example, various important operations in Java’s standard API, such as hashcodes or serialization, might break pointer opacity. As a result, information-flow static analyses which assume pointer opacity risk being unsound in practice, since the pointer representation provides an unchecked implicit leak. We investigate information flow in the presence of non-opaque pointers for an imperative language with records, pointer instructions and exceptions, and develop an information flow aware type system which guarantees noninterference.
Daniel Hedin, David Sands
Added 10 Jun 2010
Updated 10 Jun 2010
Type Conference
Year 2006
Where CSFW
Authors Daniel Hedin, David Sands
Comments (0)