UNITesi

This thesis is concerned with static code analysis. More particularly, with code analysis techniques for checking information flows in programs. First this thesis describes why is important to trace the information flows in a program, it introduces some fundamental concepts and presents the state of art. Then, two methods for checking secure information flow are proposed. The first is based on code transformation, and reuses the type analysis of the Java byte code Verifier. This method analyses programs written in a subset of the Java Virtual Machine Language. The second approach, named instruction-level security typing, has been defined in the framework of Abstract Interpretation end ha been shown more precise than standard typing approaches. This method has been applied to check the classical non-interference property in stack-based assembly programs and in high-level language programs.

Checking Secure Information Flow in Programs

MARTINI, LUCA
2010

Abstract

This thesis is concerned with static code analysis. More particularly, with code analysis techniques for checking information flows in programs. First this thesis describes why is important to trace the information flows in a program, it introduces some fundamental concepts and presents the state of art. Then, two methods for checking secure information flow are proposed. The first is based on code transformation, and reuses the type analysis of the Java byte code Verifier. This method analyses programs written in a subset of the Java Virtual Machine Language. The second approach, named instruction-level security typing, has been defined in the framework of Abstract Interpretation end ha been shown more precise than standard typing approaches. This method has been applied to check the classical non-interference property in stack-based assembly programs and in high-level language programs.
27-apr-2010
Italiano
De Francesco, Nicoletta
Università degli Studi di Pisa
File in questo prodotto:
File Dimensione Formato  
LucaMartini.pdf

embargo fino al 22/05/2046

Tipologia: Altro materiale allegato
Licenza: Tutti i diritti riservati
Dimensione 841.97 kB
Formato Adobe PDF
841.97 kB Adobe PDF

I documenti in UNITESI sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.14242/152015
Il codice NBN di questa tesi è URN:NBN:IT:UNIPI-152015