ScienceDirect® Home Skip Main Navigation Links
You have guest access to ScienceDirect. Find out more.
 
Home
Browse
My Settings
Alerts
Help
 Quick Search
 Search tips (Opens new window)
    Clear all fields    
Electronic Notes in Theoretical Computer Science
Volume 141, Issue 1, 5 December 2005, Pages 163-182
Proceedings of the First Workshop on Bytecode Semantics, Verification, Analysis and Transformation (Bytecode 2005)
 
Font Size: Decrease Font Size  Increase Font Size
 Abstract - selected
Purchase PDF (324 K)

  E-mail Article   
  Add to my Quick Links   
Bookmark and share in 2collab (opens in new window)
Request permission to reuse this article
  Cited By in Scopus (2)
 
 
 
Related Articles in ScienceDirect
View More Related Articles
 
View Record in Scopus
 
doi:10.1016/j.entcs.2005.02.031    How to Cite or Link Using DOI (Opens New Window)
Copyright © 2005 Elsevier B.V. All rights reserved.

Timing Aware Information Flow Security for a JavaCard-like Bytecode

Daniel HedinE-mail The Corresponding Author and David SandsE-mail The Corresponding Author

Department of Computing Science, Chalmers, Goteborg, Sweden

Available online 24 November 2005.

Purchase the full-text article



References and further reading may be available for this article. To view references and further reading you must purchase this article.

Abstract

Common protection mechanisms fail to provide end-to-end security; programs with legitimate access to secret information are not prevented from leaking this to the world. Information-flow aware analyses track the flow of information through the program to prevent such leakages, but often ignore information flows through covert channels even though they pose a serious threat. A typical covert channel is to use the timing of certain events to carry information. We present a timing-aware information-flow type system for a low-level language similar to a non-trivial subset of a sequential Java bytecode. The type system is parameterized over the time model of the instructions of the language and over the algorithm enforcing low-observational equivalence, used in the prevention of implicit and timing flows.

Keywords: covert channels; information flow; security; bytecode


Electronic Notes in Theoretical Computer Science
Volume 141, Issue 1, 5 December 2005, Pages 163-182
Proceedings of the First Workshop on Bytecode Semantics, Verification, Analysis and Transformation (Bytecode 2005)
 
Home
Browse
My Settings
Alerts
Help
Elsevier.com (Opens new window)
About ScienceDirect  |  Contact Us  |  Information for Advertisers  |  Terms & Conditions  |  Privacy Policy
Copyright © 2008 Elsevier B.V. All rights reserved. ScienceDirect® is a registered trademark of Elsevier B.V.