Безопасность информационных технологий (May 2023)

Features of the software architecture of the PLIF language platform for the analysis of the security of information flows in automated systems

  • Aleksei A. Timakov,
  • Mikhail M. Fadeev,
  • Ilya G. Ryzhov,
  • Aleksandr V. Lysikov

DOI
https://doi.org/10.26583/bit.2023.2.03
Journal volume & issue
Vol. 30, no. 2
pp. 53 – 62

Abstract

Read online

A lot of research in the field of formal security models have been conducted so far. Information flow control in automated systems software represents one of important directions. Appropriate mechanisms are being investigated in attempt to embed them into modern programming platforms designated for system and application software creation. Today all such studies are of academic type, they have theoretical meaning and usually end up at stage of prototype. According to those authors the main problem in adopting such mechanisms for industrial use and including respective steps into security development lifecycle is complexity of manual code markup with security labels and security warnings checking. We present a new platform for detecting illegal information flows in database program units and outline the respective testing procedure which explicitly separates the responsibilities of developers from that of security analysts.

Keywords