Sciweavers

SIGADA
2004
Springer

Enforcing security and safety models with an information flow analysis tool

14 years 4 months ago
Enforcing security and safety models with an information flow analysis tool
Existing security models require that information of a given security level be prevented from “leaking” into lower-security information. High-security applications must be demonstrably free of such leaks, but such demonstration may require substantial manual analysis. Other authors have argued that the natural way to enforce these models automatically is with information-flow analysis, but have not shown this to be practicable for general purpose programming languages in current use. Modern safety-critical systems can contain software components with differing safety integrity levels, potentially operating in the same address space. This case poses problems similar to systems with differing security levels; failure to show separation of data may require the entire system to be validated at the higher integrity level. In this paper we show how the information flow model enforced by the SPARK Examiner provides support for enforcing these security and safety models. We describe a...
Roderick Chapman, Adrian Hilton
Added 02 Jul 2010
Updated 02 Jul 2010
Type Conference
Year 2004
Where SIGADA
Authors Roderick Chapman, Adrian Hilton
Comments (0)