Sciweavers

PLDI
2015
ACM

Exploring and enforcing security guarantees via program dependence graphs

8 years 7 months ago
Exploring and enforcing security guarantees via program dependence graphs
We present PIDGIN, a program analysis and understanding tool that enables the specification and enforcement of precise applicationspecific information security guarantees. PIDGIN also allows developers to interactively explore the information flows in their applications to develop policies and investigate counter-examples. PIDGIN combines program dependence graphs (PDGs), which precisely capture the information flows in a whole application, with a custom PDG query language. Queries express properties about the paths in the PDG; because paths in the PDG correspond to information flows in the application, queries can be used to specify global security policies. PIDGIN is scalable. Generating a PDG for a 330k line Java application takes 90 seconds, and checking a policy on that PDG takes under 14 seconds. The query language is expressive, supporting a large class of precise, application-specific security guarantees. Policies are separate from the code and do not interfere with test...
Andrew Johnson, Lucas Waye, Scott Moore, Stephen C
Added 16 Apr 2016
Updated 16 Apr 2016
Type Journal
Year 2015
Where PLDI
Authors Andrew Johnson, Lucas Waye, Scott Moore, Stephen Chong
Comments (0)