Constraint-Based Secure Information Flow Inference for a Java-Like Language
Source: Kansas State University
This paper addresses the problem of checking programs written in a Java-like language to ensure that they satisfy information flow policies, such as confidentiality and integrity, in the presence of dynamic access control mechanisms like stack inspection. Security policy is specified using permission-dependent security types. The paper presents an inference algorithm that infers such security types in a modular manner. For an object-oriented language, this involves inference in the presence of libraries, i.e., classes parameterized by security levels. Moreover, the paper shows how modular inference is preserved in the presence of method inheritance and override.