Hybrid static-runtime information flow and declassification enforcement

Bruno P.S. Rocha, Mauro Conti, Sandro Etalle, Bruno Crispo

    Research output: Contribution to journalArticleAcademicpeer-review

    26 Citations (Scopus)
    66 Downloads (Pure)

    Abstract

    There are different paradigms for enforcing information flow and declassification policies. These approaches can be divided into static analyzers and runtime enforcers. Each class has its own strengths and weaknesses, each being able to enforce a different set of policies. In this paper, we introduce a hybrid static-runtime enforcement mechanism that works on unannotated program code and supports information-flow control, as well as declassification policies. Our approach manages to enforce realistic policies, as shown by our three running examples, all within the context of a mobile device application, which cannot be handled separately by static or runtime approaches, and are also not covered by current access control models of mobile platforms such as Android or iOS. We also show that including an intermediate step (called preload check) makes both the static analysis system independent (in terms of security labels) and the runtime enforcer lightweight. Finally, we implement our runtime enforcer and run experiments that show that its overhead is so low that the approach can be rolled out on current mobile systems.
    Original languageUndefined
    Pages (from-to)1294-1305
    Number of pages12
    JournalIEEE transactions on information forensics and security
    Volume8
    Issue number8
    DOIs
    Publication statusPublished - Aug 2013

    Keywords

    • SCS-Cybersecurity
    • EWI-24480
    • Hybrid
    • Flow
    • IR-89421
    • Enforcement
    • Static-Runtime
    • METIS-302709
    • Declassification

    Cite this