A proof-producing machine-code analyzer for secure information flow
An approach enabling end-users to verify that a downloaded untrusted code will not leak confidential data to unauthorized parties is presented. The approach certifies RISC-style assembly programs for secure information flow by statically analyzing the code based on the idea of Proof Carrying Code (P...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
IEEE
2008
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/68795/1/A%20proof-producing%20machine-code%20analyzer%20for%20secure%20information%20flow.pdf http://psasir.upm.edu.my/id/eprint/68795/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | An approach enabling end-users to verify that a downloaded untrusted code will not leak confidential data to unauthorized parties is presented. The approach certifies RISC-style assembly programs for secure information flow by statically analyzing the code based on the idea of Proof Carrying Code (PCC). The proofs that untrusted code does not leak sensitive information are generated and checked on the host machine and if they are valid, then the untrusted code can be installed and executed safely. The proposed security analyzer operates directly on the machinecode requiring only the inputs and outputs of the code be annotated with security levels. The generated proofs serve as evidence that give end-users a guarantee about the security of the untrusted code. |
|---|