On-the-Fly Inlining of Dynamic Security Monitors

How do the people guarantee that a piece of code, possibly originating from third party, does not jeopardize the security of the underlying application? Language-based information-flow security considers programs that manipulate pieces of data at different sensitivity levels. Securing information flow in such programs remains an open challenge. Recently, considerable progress has been made on understanding dynamic monitoring for secure information flow. This paper presents a framework for in-lining dynamic information flow monitors. A novel feature of the authors' framework is the ability to perform in-lining on the fly. They consider a source language that includes dynamic code evaluation of strings whose content might not be known until run-time.

Provided by: Chalmers University of Technology Topic: Software Date Added: Dec 2011 Format: PDF

Find By Topic