This project develops a highly precise information flow control (IFC) analysis for concurrent programs and mobile components. The analysis is based on program dependence graphs (PDGs), dynamic pushdown networks, and fixpoint-based invariant generation; it is flow-sensitive, context-sensitive, object-sensitive, time-sensitive, and lock-sensitive. In the first phase of the current project, a PDG-based IFC analysis for Java software components was developed; precision was successfully increased using dynamic pushdown networks; and a new algorithm for IFC analysis of concurrent programs was invented, which is the first PDG-based analysis for low-security observational determinism for full Java. In the second phase, the plug-in mechanism for mobile components will be completed, support for security in-the-large will be added, scalability and precision of the analysis will be evaluated and increased, support for declassification will be improved, and the analysis will be integrated. The method will be applied in the RS3 reference scenarios "Software for mobile devices" and "E-Voting" to check noninterference of concurrent programs. The project is performed in cooperation with the group of Prof. Gregor Snelting from Karlsruhe Institute of Technology and is part of Priority Programme 1496 "Reliably Secure Software Systems - RS3" funded by the DFG (Deutsche Forschungsgemeinschaft).
Müller-Olm, Markus | Professorship for practical computer science (Prof. Müller-Olm) |
Nordhoff, Benedikt | Professorship for practical computer science (Prof. Müller-Olm) |