%0 Conference Proceedings
%T Noninterference via Symbolic Execution
%+ Distributed Systems and Computer Networks (DistriNet)
%+ FUTURE HEALTH DEPARTMENT [KU Leuven] (KU-IBBT)
%A Milushev, Dimiter
%A Beck, Wim
%A Clarke, Dave
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 14th International Conference on Formal Methods for Open Object-Based Distributed Systems (FMOODS) / 32nd International Conference on Formal Techniques for Networked and Distributed Systems (FORTE)
%C Stockholm, Sweden
%Y Holger Giese
%Y Grigore Rosu
%I Springer
%3 Formal Techniques for Distributed Systems
%V LNCS-7273
%P 152-168
%8 2012-06-13
%D 2012
%R 10.1007/978-3-642-30793-5_10
%K Noninterference
%K declassification
%K symbolic execution
%K testing
%Z Computer Science [cs]
%Z Computer Science [cs]/Networking and Internet Architecture [cs.NI]Conference papers
%X Noninterference is a high-level security property that guarantees the absence of illicit information flow at runtime. Noninterference can be enforced statically using information flow type systems; however, these are criticized for being overly conservative and rejecting secure programs. More precision can be achieved by using program logics, but such an approach lacks its own verification tools. In this work we propose a novel, alternative approach: utilizing symbolic execution in combination with ideas from program logics in an attempt to increase the precision of analyses and automate noninterference testing. Dealing with policies incorporating declassification is also explored. The feasibility of the proposal is illustrated using a prototype tool based on the KLEE symbolic execution engine.
%G English
%Z TC 6
%Z WG 6.1
%2 https://inria.hal.science/hal-01528732/document
%2 https://inria.hal.science/hal-01528732/file/978-3-642-30793-5_10_Chapter.pdf
%L hal-01528732
%U https://inria.hal.science/hal-01528732
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC6
%~ IFIP-WG6-1
%~ IFIP-FORTE
%~ IFIP-FMOODS
%~ IFIP-LNCS-7273