Runtime Monitoring of Information Flow Policies
Source: De Montfort University
The run-time verification of security properties (Integrity, Availability and Confidentiality) received increased attention from researchers. In particular, security properties that relate to information that is made available by end users is achievable only to a limited degree using static verification techniques. The more sensitive the information, such as banking data, government intelligence or military information being processed by software, the more important it is to ensure the confidentiality of this information. In this paper, the authors present a run-time verification framework that provides a flexible approach to information security management so that the information flow within a program execution conforms to a defined set of rules.