A Permission-Dependent Type System for Secure Information Flow Analysis

@article{Chen2017APT,
  title={A Permission-Dependent Type System for Secure Information Flow Analysis},
  author={Hongxu Chen and Alwen Tiu and Zhiwu Xu and Yang P. Liu},
  journal={2018 IEEE 31st Computer Security Foundations Symposium (CSF)},
  year={2017},
  pages={218-232}
}
We introduce a novel type system for enforcing secure information flow in an imperative language. Our work is motivated by the problem of statically checking potential information leakage in Android applications. To this end, we design a lightweight type system featuring Android permission model, where the permissions are statically assigned to applications and are used to enforce access control in the applications. We take inspiration from a type system by Banerjee and Naumann to allow… CONTINUE READING
1
Twitter Mention

References

Publications referenced by this paper.
SHOWING 1-10 OF 33 REFERENCES

A Sound Type System for Secure Flow Analysis

  • Journal of Computer Security
  • 1996
VIEW 6 EXCERPTS
HIGHLY INFLUENTIAL

Language-based information-flow security

  • IEEE Journal on Selected Areas in Communications
  • 2003
VIEW 2 EXCERPTS
HIGHLY INFLUENTIAL

A laŠice model of secure information flow

Dorothy E. Denning
  • Communications of the ACM,
  • 1976
VIEW 1 EXCERPT
HIGHLY INFLUENTIAL