Security

Dynamic Vs. Static Flow-Sensitive Security Analysis

Free registration required

Executive Summary

This paper seeks to answer fundamental questions about trade-offs between static and dynamic security analysis. It has been previously shown that flow-sensitive static information-flow analysis is a natural generalization of flow insensitive static analysis, which allows accepting more secure programs. It has been also shown that sound purely dynamic information-flow enforcement is more permissive than static analysis in the flow-insensitive case. The authors argue that the step from flow-insensitive to flow-sensitive is fundamentally limited for purely dynamic information-flow controls.

  • Format: PDF
  • Size: 286.8 KB