A variant of the Mobile Ambient Calculus, called Boundary Ambient, is introduced to model multilevel security policies. Ambients that may guarantee to properly protect their content are explicitly identified as boundaries: a boundary can be seen as a resource access manager for confidential data. In this setting, we define a notion of non-interference which captures the absence of any information leakage, whether direct or indirect. Then, we guarantee non-interference by extending a control flow analysis that computes an over-approximation of all ambients and capabilities that may be affected by the actual values of high level data.
Authors: | |
Publication date: | 2003 |
Title: | Information Leakage Detection in Boundary Ambients |
Book title: | Proc. Computing: The Australasian Theory Symposium |
Digital Object Identifier (DOI): | http://dx.doi.org/10.1016/S1571-0661(04)81010-7 |
Appears in categories: | 4.1 Conference proceedings paper |