Sciweavers

PLDI
2006
ACM

Combining type-based analysis and model checking for finding counterexamples against non-interference

14 years 6 months ago
Combining type-based analysis and model checking for finding counterexamples against non-interference
Type systems for secure information flow are useful for efficiently checking that programs have secure information flow. They are, however, conservative, so that they often reject safe programs as ill-typed. Accordingly, users have to check whether the rejected programs indeed have insecure flows. To remedy this problem, we propose a method for automatically finding a counterexample of secure information flow (input states that actually lead to leakage of secret information). Our method is a novel combination of typebased analysis and model checking; Suspicious execution paths (that may cause insecure information flow) are first found by using the result of a type-based information flow analysis, and then a model checker is used to check whether the paths are indeed unsafe. We have formalized and implemented the method. The result of preliminary experiments shows that our method can often find counterexamples faster than a method using a model checker alone. Categories and S...
Hiroshi Unno, Naoki Kobayashi, Akinori Yonezawa
Added 14 Jun 2010
Updated 14 Jun 2010
Type Conference
Year 2006
Where PLDI
Authors Hiroshi Unno, Naoki Kobayashi, Akinori Yonezawa
Comments (0)