A Type System for Quantified Information-Flow Security in Java-Like Languages

Abstract

Quantified information-flow policies put an upper bound on the allowable amount of information flow from high inputs to low outputs of a program. Earlier research in this area has mainly focused on simple imperative languages. In this paper, we present a type system that derives the amount of information flow in the programs of a Java-like language. For this purpose, we adopt the Middlewieght Java (MJ) which is small enough for formal proofs, although it is a proper subset of Java with a fairly rich set of features. Promotable expressions, which also behave as statements, as well as method invocations and the loops they may create are of particular attention in the study of quantified information flow in such a language. We prove that our typing rules are sound and derive correct bounds of information flow for a given program. The proofs are based on a denotational semantics for MJ that we propose as part of this research.