On Information Flow Forensics in Business Application Scenarios

14 years 6 months ago

Download www.informatik.uni-freiburg.de

To-date, security analysis techniques focus on the explicit access to data, thereby neglecting information ﬂows happening over covert channels. As a result, critical business software applications and their deployment may be labeled secure, whereas in fact they are not. We present ongoing research towards information ﬂow forensics, a novel approach for the a-posteriori detection of information ﬂow. We motivate our work by illustrating the implications of illicit information ﬂow in different software application scenarios and demonstrate why current approaches fall short of effectively enforcing information ﬂow policies in many cases. We show that information ﬂow forensics can mitigate these drawbacks and outline some interesting research challenges involved in its realization.

Claus Wonnemann, Rafael Accorsi, Günter M&uum

Real-time Traffic

COMPSAC 2009 | Information ﬂow | Information ﬂow Forensics | Software Application | Software Engineering |

claim paper

Post Info
More Details (n/a)

Added	20 May 2010
Updated	20 May 2010
Type	Conference
Year	2009
Where	COMPSAC
Authors	Claus Wonnemann, Rafael Accorsi, Günter Müller

Comments (0)

Sciweavers

On Information Flow Forensics in Business Application Scenarios

COMPSAC 2009 | Information ﬂow | Information ﬂow Forensics | Software Application | Software Engineering |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers