Riding the Roller Coaster of Information-Flow Control Research
Riding the Roller Coaster of Information-Flow Control Research
| Typ: |
Seminarthema |
| Betreuer: |
Christoph Scheben |
|
|
The topic of this paper is information flow security.
Information flow is the transfer of information from a variable x to a variable y in a given process.
Not all flows may be desirable.
For example, a system shouldn't leak any secret (partially or not) to public observers (from Wikipedia).
Historically, dynamic techniques for enforcement of information flow policies are the pioneers of the area in the 70's.
In their seminal work, Denning and Denning suggest a static alternative for information flow analysis.
Following this work, the 90's see the domination of static techniques for information flow.
This paper demonstrates that it is possible for a purely dynamic enforcement to be as secure as Denning-style static information flow analysis.
