Sciweavers

IJNSEC
2007

Java Bytecode Dependence Analysis for Secure Information Flow

13 years 11 months ago
Java Bytecode Dependence Analysis for Secure Information Flow
Java programs can be transmitted and executed on another host in bytecode format, thus the sensitive information of the host may be leaked via these assembly-like programs. Information flow policy can ensure data confidentiality, however, conventional information flow analysis mainly focused on the programs written in high-level programming languages and is generally performed by type checking approach, which assigns security classes to the variables then verifies information flow policy in program executing order. These approaches are inadequate to address the information flow in bytecode and the type systems verification method is imprecise. This paper presents a method to disclose java bytecode information flow by dependence analysis, in which the information flow analysis is separated to two phases to improve precision. First is determining information dependence relationship among the variables in the bytecode then is verifying the security based on security class. A pro...
Gaowei Bian, Ken Nakayama, Yoshitake Kobayashi, Ma
Added 15 Dec 2010
Updated 15 Dec 2010
Type Journal
Year 2007
Where IJNSEC
Authors Gaowei Bian, Ken Nakayama, Yoshitake Kobayashi, Mamoru Maekawa
Comments (0)