Language-Based Information-Flow Security.
Andrei Sabelfeld, Andrew C. Myers. IEEE
Journal on Selected Areas in Communication (to appear).
Conventional security mechanisms such as access control and
encryption do not directly address the enforcement of
information-flow policies. Recently, a promising new approach has
been developed: the use of programming-language techniques for
specifying and enforcing information-flow policies. In this article
we survey the past three decades of research on information-flow
security, particularly focusing on work that uses static program
analysis to enforce information-flow policies. We give a structured
view of recent work in the area and identify some important open
challenges. (Postscript version)
As always, if you want to extend language semantics, the easiest way is to use the type system
In a security-typed language, the types
of program variables and expressions are augmented with
annotations that specify policies on the use of the typed data. This means, of course, that these security policies can be enforced at compile time.
Like ordinary type checking, security type checking is also
inherently compositional: secure subsystems combine to form
a larger secure system as long as the external type signatures
of the subsystems agree.
Posted to Software-Eng by Ehud Lamm on 8/21/02; 1:11:33 PM