A method is presented for checking secure information flow in Java bytecode, assuming a multilevel security policy that assigns security levels to the objects. The method exploits the type-level abstract interpretation of standard bytecode verification to detect illegal information flows. We define an algorithm transforming the original code into another code in such a way that a typing error detected by the Verifier on the transformed code corresponds to a possible illicit information How in the original code. We present a prototype tool that implements the method and we show an example of application. Copyright (C) 2004 John Wiley Sons, Ltd.

Checking secure information flow in Java bytecode by code transformation and standard bytecode verification

BERNARDESCHI, CINZIA;DE FRANCESCO, NICOLETTA;LETTIERI, GIUSEPPE;
2004-01-01

Abstract

A method is presented for checking secure information flow in Java bytecode, assuming a multilevel security policy that assigns security levels to the objects. The method exploits the type-level abstract interpretation of standard bytecode verification to detect illegal information flows. We define an algorithm transforming the original code into another code in such a way that a typing error detected by the Verifier on the transformed code corresponds to a possible illicit information How in the original code. We present a prototype tool that implements the method and we show an example of application. Copyright (C) 2004 John Wiley Sons, Ltd.
2004
Bernardeschi, Cinzia; DE FRANCESCO, Nicoletta; Lettieri, Giuseppe; Martini, L.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11568/186963
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 15
  • ???jsp.display-item.citation.isi??? 10
social impact