Monitoring Explicit Information Flow Using Java Byte-Code Instrumentation

Computer systems are verified to check the correctness or validated to check the performance of the software system with respect to specific security properties such as Integrity, Availability and Confidentiality. That is made available by the end users of the software is achievable only to a limited degree using static verification techniques. The more sensitive the information, such as credit card data, government intelligence or personal medical information being processed by software, the more important it is to ensure the confidentiality of this information. Monitoring untrusted programs during execution in an environment where sensitive information is present is difficult and unnerving. The issue is how to control the confidential information flow during untrusted program execution.