{"title":"Analyzing Non-Interference with respect to Classes","authors":"D. Zanardini","doi":"10.1142/9789812770998_0009","DOIUrl":null,"url":null,"abstract":"The information flow property of Non-Interference was recently relaxed into Abstract Non-Interference (ANI), a weakened version where attackers can only observe properties of data, rather than their exact value. ANI was originally defined on integers: a property models the set of numbers satisfying it. The present work proposes an Object-Oriented, Java-based formulation of ANI, where data take the form of objects, and the observed property comes to be their class. Relevant data are stored in fields; the execution of a program is taken to be the invocation of some (public) method by an external user; a class is secure if, for all its public methods, the class of its public data after the execution does not depend on the initial class of its private data. The relation to ANI lies in the representation of abstract domains as class hierarchies: upper closure operators map objects into the smallest class they belong to. An analyzer for a non-trivial subset of Java is illustrated, which is sound since programs are never misclassified as secure.","PeriodicalId":212849,"journal":{"name":"Italian Conference on Theoretical Computer Science","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Analyzing Non-Interference with respect to Classes\",\"authors\":\"D. Zanardini\",\"doi\":\"10.1142/9789812770998_0009\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The information flow property of Non-Interference was recently relaxed into Abstract Non-Interference (ANI), a weakened version where attackers can only observe properties of data, rather than their exact value. ANI was originally defined on integers: a property models the set of numbers satisfying it. 
The present work proposes an Object-Oriented, Java-based formulation of ANI, where data take the form of objects, and the observed property comes to be their class. Relevant data are stored in fields; the execution of a program is taken to be the invocation of some (public) method by an external user; a class is secure if, for all its public methods, the class of its public data after the execution does not depend on the initial class of its private data. The relation to ANI lies in the representation of abstract domains as class hierarchies: upper closure operators map objects into the smallest class they belong to. An analyzer for a non-trivial subset of Java is illustrated, which is sound since programs are never misclassified as secure.\",\"PeriodicalId\":212849,\"journal\":{\"name\":\"Italian Conference on Theoretical Computer Science\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Italian Conference on Theoretical Computer Science\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1142/9789812770998_0009\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Italian Conference on Theoretical Computer Science","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1142/9789812770998_0009","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Analyzing Non-Interference with respect to Classes
The information flow property of Non-Interference was recently relaxed into Abstract Non-Interference (ANI), a weakened version where attackers can only observe properties of data, rather than their exact value. ANI was originally defined on integers: a property models the set of numbers satisfying it. The present work proposes an Object-Oriented, Java-based formulation of ANI, where data take the form of objects, and the observed property comes to be their class. Relevant data are stored in fields; the execution of a program is taken to be the invocation of some (public) method by an external user; a class is secure if, for all its public methods, the class of its public data after the execution does not depend on the initial class of its private data. The relation to ANI lies in the representation of abstract domains as class hierarchies: upper closure operators map objects into the smallest class they belong to. An analyzer for a non-trivial subset of Java is illustrated, which is sound since programs are never misclassified as secure.