Checking secure information flow in Java bytecode by code transformation and standard bytecode verification

A method is presented for checking secure information flow in Java bytecode, assuming a multilevel security policy that assigns security levels to the objects. The method exploits the type-level abstract interpretation of standard bytecode verification to detect illegal information flows. We define an algorithm transforming the original code into another code in such a way that a typing error detected by the Verifier on the transformed code corresponds to a possible illicit information How in the original code. We present a prototype tool that implements the method and we show an example of application. Copyright (C) 2004 John Wiley Sons, Ltd.

Autori interni: 
BERNARDESCHI, CINZIA
DE FRANCESCO, NICOLETTA
LETTIERI, GIUSEPPE
mostra contributor esterni 
Autori: BERNARDESCHI C; DE FRANCESCO N; LETTIERI G; MARTINI L
Titolo: Checking secure information flow in Java bytecode by code transformation and standard bytecode verification
Anno del prodotto: 2004
Digital Object Identifier (DOI): 10.1002/spe.611
Appare nelle tipologie:1.1 Articolo in rivista

File in questo prodotto:
Non ci sono file associati a questo prodotto.
Utilizza questo identificativo per citare o creare un link a questo documento:
http://hdl.handle.net/11568/186963
  • Citazioni
  • PubMed Central ND
  • Scopus
  • WOS
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
 
 
 
Powered by IRIS-about IRIS-Utilizzo dei cookie
Logo CINECA  Copyright © 2021