Treffer: Checking secure information flow in java bytecode by code transformation and standard bytecode verification

Title:

Checking secure information flow in java bytecode by code transformation and standard bytecode verification

Authors:

C. Bernardeschi, N. De Francesco, G. Lettieri, L. Martini

Contributors:

The Pennsylvania State University CiteSeerX Archives

Source:

http://www2.ing.unipi.it/~o1103499/papers/spe04.pdf.

Collection:

CiteSeerX

Subject Terms:

Security, Information Flow, Java bytecode, Bytecode Verifier

Document Type:

Fachzeitschrift text

File Description:

application/pdf

Language:

English

Relation:

http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.106.5884; http://www2.ing.unipi.it/~o1103499/papers/spe04.pdf

Availability:

http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.106.5884
http://www2.ing.unipi.it/~o1103499/papers/spe04.pdf

Rights:

Metadata may be used without restrictions as long as the oai identifier remains attached to it.

Accession Number:

edsbas.43CEE4FE

Database:

BASE

Weitere Informationen

A method is presented for checking secure information flow in Java bytecode, assuming a multilevel security policy that assigns security levels to the objects. The method exploits the type-level abstract interpretation of standard bytecode verification to detect illegal information flows. We define an algorithm transforming the original code into another code in such a way that a typing error detected by the Verifier on the transformed code corresponds to a possible illicit information flow in the original code. We present a prototype tool that implements the code transformation and we show an example of application of the method.

Treffer: Checking secure information flow in java bytecode by code transformation and standard bytecode verification

Weitere Informationen

Links

Zusatz-Funktionen