Cover Image

A proof-producing machine-code analyzer for secure information flow

An approach enabling end-users to verify that a downloaded untrusted code will not leak confidential data to unauthorized parties is presented. The approach certifies RISC-style assembly programs for secure information flow by statically analyzing the code based on the idea of Proof Carrying Code (P...

Full description

Saved in:
Bibliographic Details
Main Authors: Muthana, Abdulrahman Ahmad Abdu, Abd Ghani, Abdul Azim, Mahmod, Ramlan, Selamat, Mohd Hasan
Format: Conference or Workshop Item
Language:English
Published: IEEE 2008
Online Access:http://psasir.upm.edu.my/id/eprint/68795/1/A%20proof-producing%20machine-code%20analyzer%20for%20secure%20information%20flow.pdf
http://psasir.upm.edu.my/id/eprint/68795/
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.upm.eprints.68795
record_format eprints
spelling my.upm.eprints.687952019-06-10T03:43:46Z http://psasir.upm.edu.my/id/eprint/68795/ A proof-producing machine-code analyzer for secure information flow Muthana, Abdulrahman Ahmad Abdu Abd Ghani, Abdul Azim Mahmod, Ramlan Selamat, Mohd Hasan An approach enabling end-users to verify that a downloaded untrusted code will not leak confidential data to unauthorized parties is presented. The approach certifies RISC-style assembly programs for secure information flow by statically analyzing the code based on the idea of Proof Carrying Code (PCC). The proofs that untrusted code does not leak sensitive information are generated and checked on the host machine and if they are valid, then the untrusted code can be installed and executed safely. The proposed security analyzer operates directly on the machinecode requiring only the inputs and outputs of the code be annotated with security levels. The generated proofs serve as evidence that give end-users a guarantee about the security of the untrusted code. IEEE 2008 Conference or Workshop Item PeerReviewed text en http://psasir.upm.edu.my/id/eprint/68795/1/A%20proof-producing%20machine-code%20analyzer%20for%20secure%20information%20flow.pdf Muthana, Abdulrahman Ahmad Abdu and Abd Ghani, Abdul Azim and Mahmod, Ramlan and Selamat, Mohd Hasan (2008) A proof-producing machine-code analyzer for secure information flow. In: 3rd International Symposium on Information Technology (ITSim'08), 26-28 Aug. 2008, Kuala Lumpur, Malaysia. . 10.1109/ITSIM.2008.4631593
institution Universiti Putra Malaysia
building UPM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Putra Malaysia
content_source UPM Institutional Repository
url_provider http://psasir.upm.edu.my/
language English
description An approach enabling end-users to verify that a downloaded untrusted code will not leak confidential data to unauthorized parties is presented. The approach certifies RISC-style assembly programs for secure information flow by statically analyzing the code based on the idea of Proof Carrying Code (PCC). The proofs that untrusted code does not leak sensitive information are generated and checked on the host machine and if they are valid, then the untrusted code can be installed and executed safely. The proposed security analyzer operates directly on the machinecode requiring only the inputs and outputs of the code be annotated with security levels. The generated proofs serve as evidence that give end-users a guarantee about the security of the untrusted code.
format Conference or Workshop Item
author Muthana, Abdulrahman Ahmad Abdu
Abd Ghani, Abdul Azim
Mahmod, Ramlan
Selamat, Mohd Hasan
spellingShingle Muthana, Abdulrahman Ahmad Abdu
Abd Ghani, Abdul Azim
Mahmod, Ramlan
Selamat, Mohd Hasan
A proof-producing machine-code analyzer for secure information flow
author_facet Muthana, Abdulrahman Ahmad Abdu
Abd Ghani, Abdul Azim
Mahmod, Ramlan
Selamat, Mohd Hasan
author_sort Muthana, Abdulrahman Ahmad Abdu
title A proof-producing machine-code analyzer for secure information flow
title_short A proof-producing machine-code analyzer for secure information flow
title_full A proof-producing machine-code analyzer for secure information flow
title_fullStr A proof-producing machine-code analyzer for secure information flow
title_full_unstemmed A proof-producing machine-code analyzer for secure information flow
title_sort proof-producing machine-code analyzer for secure information flow
publisher IEEE
publishDate 2008
url http://psasir.upm.edu.my/id/eprint/68795/1/A%20proof-producing%20machine-code%20analyzer%20for%20secure%20information%20flow.pdf
http://psasir.upm.edu.my/id/eprint/68795/
_version_ 1643839308581306368
score 13.211869

Similar Items