Evaluating the Overhead of Dynamic Information Flow Analysis Performed by Security Typed Programming Languages
D. Hassan1
Section:Research Paper, Product Type: Journal Paper
Volume-4 ,
Issue-11 , Page no. 69-74, Nov-2016
Online published on Nov 29, 2016
Copyright © D. Hassan . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
View this paper at Google Scholar | DPI Digital Library
How to Cite this Paper
- IEEE Citation
- MLA Citation
- APA Citation
- BibTex Citation
- RIS Citation
IEEE Style Citation: D. Hassan, “Evaluating the Overhead of Dynamic Information Flow Analysis Performed by Security Typed Programming Languages,” International Journal of Computer Sciences and Engineering, Vol.4, Issue.11, pp.69-74, 2016.
MLA Style Citation: D. Hassan "Evaluating the Overhead of Dynamic Information Flow Analysis Performed by Security Typed Programming Languages." International Journal of Computer Sciences and Engineering 4.11 (2016): 69-74.
APA Style Citation: D. Hassan, (2016). Evaluating the Overhead of Dynamic Information Flow Analysis Performed by Security Typed Programming Languages. International Journal of Computer Sciences and Engineering, 4(11), 69-74.
BibTex Style Citation:
@article{Hassan_2016,
author = {D. Hassan},
title = {Evaluating the Overhead of Dynamic Information Flow Analysis Performed by Security Typed Programming Languages},
journal = {International Journal of Computer Sciences and Engineering},
issue_date = {11 2016},
volume = {4},
Issue = {11},
month = {11},
year = {2016},
issn = {2347-2693},
pages = {69-74},
url = {https://www.ijcseonline.org/full_paper_view.php?paper_id=1110},
publisher = {IJCSE, Indore, INDIA},
}
RIS Style Citation:
TY - JOUR
UR - https://www.ijcseonline.org/full_paper_view.php?paper_id=1110
TI - Evaluating the Overhead of Dynamic Information Flow Analysis Performed by Security Typed Programming Languages
T2 - International Journal of Computer Sciences and Engineering
AU - D. Hassan
PY - 2016
DA - 2016/11/29
PB - IJCSE, Indore, INDIA
SP - 69-74
IS - 11
VL - 4
SN - 2347-2693
ER -
VIEWS | XML | |
1506 | 1358 downloads | 1331 downloads |
Abstract
Security-typed programming languages aim to track insecure information flows in application program. This is achieved by extending data types with security labels in order to identify the confidentiality and integrity policies for each data element. Such policies specify which principals or entities are allowed to read from or write to the value of data respectively. In this paper, we evaluate the run-time overhead of dynamic information flow (DIF) analysis in security typed programming languages. Such analysis is performed by including the security labeling in the dynamic operational semantics. Our evaluation mechanism relies on developing two different language implementations for a simple while programming language that has been considered as a case of study. The first one is a traditional interpreter that implements the ordinary operational semantics of the language without security labeling of data types and hence performs no information flow analysis. The second one is an interpreter that performs a dynamic information flow analysis by implementing the security labeling semantics (where language data types are augmented with security labels). Next, two execution times of a program executed using both interpreters are measured (i.e., one execution time for each interpreter). The resulting difference in execution time represents the absolute run-time overhead of dynamic information flow analysis. We have calculated the difference in execution time for some benchmark programs that are executed using both implementations.
Key-Words / Index Term
Dynamic information flow; security labeling; run-time overhead; operational semantics
References
[1] Sabelfeld, A., and Myers, A. C.: Language-Based information-Flow Security. IEEE J. on Sel. Areas in Comm., 21(1):5� 19, 2003.
[2] Myers, A. C.: Flow: Practical Mostly-Static information Flow Control. In Proceeding of POPL�99, pp. 228�241, ACM, 1999.
[3] Simonet, v., and Rocquencourt, I.: Flow Caml in a Nutshell. In Proc. Of APPSEM-II, pp. 152�165, 2003.
[4] Alejandro, R. and Andrei, S. Dynamic vs. Static Flow-Sensitive Security Analysis. In Proceedings of 23rd IEEE Computer Security Foundations Symposium (CSF�10), pp.186 - 199, 2010.
[5] Shroff, P., Smith, S., and Thober, M.: Securing information Flow via Dynamic Capture of Dependencies. In Journal of Computer Security, 16:673�688, 2008.
[6] Denning, D. E.: A Lattice Model of Secure Information Flow. journal of Commun. ACM, 19(5):236 � 243, 1976.
[7] Molnar. D., Piotrowski, M. , Schultz,D., and Wagner, D: The program counter security model: Automatic detection and removal of control flow side channel attacks. In Proc. of ICISC�05, vol. 3935 of LNCS, pp.156168. Springer, 2005.
[8] Brand, M. G. J. V. D., Deursen, A. V., Heering, J., Jonge, J. M., Kuipers, T., Klint, P. , Moonen, L., Olivier, P., Scheerder, J., Vinju, J.J. , Visser,E., and Visser, J.: The ASF+SDF Meta-Environment: A Component-Based Language Development Environment. In Proc. Of CC�01, vol. 2027 of LNCS, pp. 365�370, Springer, 2001.
[9] Deursen, A. V., Heering, J., and Klint, P.: Language Prototyping: An Algebraic Specification Approach: Vol. V. AMAST Series in Computing, World Scientific, 1996.
[10] Heering, J., Hendriks, P., Klint, P., and Rekers.J.: The Syntax Definition Formalism SDF - Reference Manual, 1989.
[11] Brand, M. G. J. V. D., and Klint, P. Asf+sdf Meta-Environment User Manual Revision 1.134. Technical report, CWI Centrum voor Wiskunde en Informatica, Amsterdam, 2003. Available at: http://www. cwi.nl/projects/MetaEnv/meta.
[12] Brand, M. G. J. V. D., Klint, P., and Vinju, J.J. The Language Specification Formalism ASF+SDF, 2008.
[13] Klint, P.: A Meta-Environment for Generating Programming Environments. In ACM TOSEM, 2(2):176�201, 1993.
[14] Eclipse Platform technical overview. Object Technology International, Inc., 2003.
[15] Brand, M. G. J. V. D., Jong, H. A., Klint, P. and Kooiker, A. T. A language development environment for Eclipse. In Proceedings of OOPSLA Workshop on Eclipse Technology eXchange., 2003.
[16] Shroff, P., Smith, S., and Thober, M.: Dynamic Dependency Monitoring to Secure Information Flow. In Proc. of CSF�07, pp. 203�217, IEEE, 2007.
[17] Le Guernic, G. Confidentiality Enforcement Using Dynamic Information Flow Analyses. PhD thesis, Kansas State University, 2007.
[18] Austin, T. H. and Flanagan, C. Efficient Purely-Dynamic Information Flow Analysis. In Proc. of PLAS 2009, pp. 113�124, ACM, 2009.
[19] Austin, T. H. Dynamic Information Flow Analysis for JavaScript in a Web Browser. PhD thesis, University of California, Santa Cruz, March, 2013.
[20] Austin, T. H., Disney, T., Flanagan, C and Jeffrey, A. Dynamic Information Flow Analysis for Featherweight JavaScript. Technical Report #UCSC-SOE-11-19, University California, Santa Cruz, 2011.
[21] Myers, A. C. and Liskov, B. Protecting Privacy Using the Decentralized Label Model. ACM TOSEM, 9:410 � 442, 2000.