JRIF: Reactive Information Flow Control for Java
| dc.contributor.author | Kozyri, Elisavet | |
| dc.contributor.author | Arden, Owen | |
| dc.contributor.author | Myers, Andrew C. | |
| dc.contributor.author | Schneider, Fred B. | |
| dc.date.accessioned | 2016-02-12T17:59:12Z | |
| dc.date.available | 2015-10-24T16:40:48Z | |
| dc.date.available | 2016-02-12T17:59:12Z | |
| dc.date.issued | 2016-02-12 | |
| dc.description.abstract | A reactive information flow (RIF) automaton for a value v specifies (i) allowed uses for v and (ii) the RIF automaton for any value that might be directly or indirectly derived from v. RIF automata thus specify how transforming a value alters how the result might be used. Such labels are more expressive than existing approaches for controlling downgrading. We devised a type system around RIF automata and incorporated it into Jif, a dialect of Java that supports a classic form of labels for information flow. By implementing a compiler for the resulting JRIF language, we demonstrate how easy it is to replace a classic information-flow type system by a more expressive RIF-based type system. We programmed two example applications in JRIF, and we discuss insights they provide into the benefits of RIF-based security labels. | en_US |
| dc.description.sponsorship | Supported in part by AFOSR grants F9550-06-0019 and FA9550-11-1-0137, National Science Foundation grants 0430161, 0964409, and CCF-0424422 (TRUST), ONR grants N00014-01- 1-0968 and N00014-09-1-0652, and grants from Microsoft. | en_US |
| dc.identifier.uri | https://hdl.handle.net/1813/41194 | |
| dc.language.iso | en_US | en_US |
| dc.rights | Attribution-NonCommercial-ShareAlike 4.0 International | * |
| dc.rights.uri | https://creativecommons.org/licenses/by-nc-sa/4.0/ | * |
| dc.title | JRIF: Reactive Information Flow Control for Java | en_US |
| dc.type | technical report | en_US |
Files
Original bundle
1 - 1 of 1