A Translator with a Security Static Analysis Feature of an Information Flow for a Simple Programming Language

E. Ju. Antoshina; A. N. Barakova; E. S. Nikitin; D. Ju. Chalyy

doi:10.18255/1818-1015-2014-4-5-12

Моделирование и анализ информационных систем (Aug 2014)

A Translator with a Security Static Analysis Feature of an Information Flow for a Simple Programming Language

E. Ju. Antoshina,
A. N. Barakova,
E. S. Nikitin,
D. Ju. Chalyy

Affiliations

E. Ju. Antoshina: P.G. Demidov Yaroslavl State University
A. N. Barakova: P.G. Demidov Yaroslavl State University
E. S. Nikitin: P.G. Demidov Yaroslavl State University
D. Ju. Chalyy: P.G. Demidov Yaroslavl State University

DOI: https://doi.org/10.18255/1818-1015-2014-4-5-12
Journal volume & issue: Vol. 21, no. 4
pp. 5 – 12

Abstract

Read online

We consider while-language programs with variables of two security types: low and high. Security static analysis of information flows of such programs identifies insecure information flows which can cause leaks. Semantic rules of such an analysis which was proposed in [6] assign security types for expressions, operators and compositions of operators. We use these rules to propose an algorithm of security static analysis to discover a security type of the program under consideration. If such a type can be assigned, information flows of the program are secure; otherwise, it contains insecure information flows. We have used flex and bison [5] tools to implement a translator for a while-language into the MMIX computer [2] instruction sequence.

Published in Моделирование и анализ информационных систем

ISSN: 1818-1015 (Print); 2313-5417 (Online)
Publisher: Yaroslavl State University
Country of publisher: Russian Federation
LCC subjects: Technology: Technology (General): Industrial engineering. Management engineering: Information technology
Website: http://mais-journal.ru/

About the journal

Abstract

Keywords