计算机科学 ›› 2011, Vol. 38 ›› Issue (7): 103-107.
• 软件工程 • 上一篇 下一篇
孙 聪,唐礼勇,陈 钟
出版日期:
发布日期:
基金资助:
SUN Cong,TANG Li-yong,CHEN Zhong
Online:
Published:
摘要: 提出了一种对含输出信道的命令式语言进行信息流安全性分析的方法。将程序抽象为下推系统,通过自合成将不千涉性转化为安全性属性,将两次相关执行中向输出信道的输出操作分别抽象为由下推规则表示的存储和匹配操作,通过对标错状态的可达性分析验证程序是否满足终止不敏感不干涉性。演化后的方法支持程序的发散执行,通过上界回退算法找到强制终止首次执行所需的最大输出信道上界。实验说明该方法与现有工作相比具有更高的精确性和验证效率。
关键词: 信息流,不干涉性,下推系统,可达性分析
Abstract: We proposed an approach for analyzing information-flow security of imperative language with output channels. The program is abstracted with pushdown system, which is then self-composed in order to adapt noninterference as a safety property. The output operations in the two relevant runs are respectively modeled as storing and matching procedure by pushdown rules. Then the termination-insensitive noninterference is verified by a reachability analysis of illegal-flow state. A variation of this approach can deal with program containing divergent run. An upper-bound regression algorithm was proposed to find the maximum upper-bound in order to trigger coercive termination of divergent run. The experimental results show that the approach is more precise and efficient than existing work.
Key words: Information f1ow,Noninterference,Pushdown system,Reachability analysis
孙 聪,唐礼勇,陈 钟. 基于下推系统可达性分析的输出信道信息流检测[J]. 计算机科学, 2011, 38(7): 103-107. https://doi.org/
SUN Cong,TANG Li-yong,CHEN Zhong. ChecKing Information Flow on Output Channel with Reachability Analysis of Pushdown System[J]. Computer Science, 2011, 38(7): 103-107. https://doi.org/
0 / / 推荐
导出引用管理器 EndNote|Reference Manager|ProCite|BibTeX|RefWorks
链接本文: https://www.jsjkx.com/CN/
https://www.jsjkx.com/CN/Y2011/V38/I7/103
Cited
首页