TY - GEN
T1 - Effective blame for information-flow violations
AU - King, Dave
AU - Jaeger, Trent
AU - Jha, Somesh
AU - Seshia, Sanjit A.
PY - 2008
Y1 - 2008
N2 - Programs trusted with secure information should not release that information in ways contrary to system policy. However, when a program contains an illegal flow of information, current information-flow reporting techniques are inadequate for determining the cause of the error. Reasoning about information-flow errors can be difficult, as the flows involved can be quite subtle. We present a general model for information-flow blame that can explain the source of such security errors in code. This model is implemented by changing the information-flow verification procedure to: (1) generate supplementary information to reveal otherwise hidden program dependencies; (2) modify the constraint solver to construct a blame dependency graph; and (3) develop an explanation procedure that returns a complete and minimal error report. Our experiments show that information-flow errors can generally be explained and resolved by viewing only a small fraction of the total code.
UR - http://www.scopus.com/inward/record.url?scp=77950478187&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=77950478187&partnerID=8YFLogxK
U2 - 10.1145/1453101.1453135
DO - 10.1145/1453101.1453135
M3 - Conference contribution
AN - SCOPUS:77950478187
SN - 9781595939951
T3 - Proceedings of the ACM SIGSOFT Symposium on the Foundations of Software Engineering
SP - 250
EP - 260
BT - SIGSOFT 2008/FSE-16 - Proceedings of the 16th ACM SIGSOFT International Symposium on the Foundations of Software Engineering
T2 - 16th ACM SIGSOFT International Symposium on the Foundations of Software Engineering, SIGSOFT 2008/FSE-16
Y2 - 9 November 2008 through 14 November 2008
ER -
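The abstract describes three pieces: extra nodes that expose hidden (control) dependencies, a constraint solver that records where each label came from, and an explanation step that returns a minimal set of statements. The block below is an added illustration of that pipeline, not the paper's implementation (which targets Jif-style label constraints): it assumes a two-point LOW/HIGH lattice, a toy statement IR of `assign` and `if` tuples, `pc@<line>` nodes for implicit flows, and "minimal" meaning the shortest chain of constraints from a HIGH source to a LOW sink. The sample program is constructed; its line numbers are the toy program's own.

```python
"""Toy information-flow blame: label inference over a two-point lattice,
provenance-keeping constraint solving, and a shortest-chain explanation.
Added example; not the paper's tool or code."""
from collections import deque

LOW, HIGH = 0, 1


class Constraint:
    """Flow constraint label(src) <= label(dst), tagged with its origin."""
    def __init__(self, src, dst, line, reason):
        self.src, self.dst, self.line, self.reason = src, dst, line, reason

    def __repr__(self):
        return f"line {self.line}: {self.src} -> {self.dst} ({self.reason})"


def generate_constraints(program):
    """Turn the tiny IR into constraints. Statements are tuples:
      ('assign', line, target, [source_vars])   explicit flow
      ('if', line, [cond_vars], body)            implicit flow via a pc node
    The pc@<line> nodes are the 'supplementary information': a control
    dependency becomes an ordinary node the blame graph can point at."""
    cs = []

    def walk(stmts, pc):
        for s in stmts:
            if s[0] == 'assign':
                _, line, target, srcs = s
                for v in srcs:
                    cs.append(Constraint(v, target, line, f"{target} computed from {v}"))
                if pc is not None:
                    cs.append(Constraint(pc, target, line, f"{target} assigned under {pc}"))
            elif s[0] == 'if':
                _, line, conds, body = s
                node = f"pc@{line}"
                for v in conds:
                    cs.append(Constraint(v, node, line, f"branch condition reads {v}"))
                if pc is not None:
                    cs.append(Constraint(pc, node, line, f"nested under {pc}"))
                walk(body, node)
            else:
                raise ValueError(f"unknown statement {s!r}")

    walk(program, None)
    return cs


def solve(constraints, sources, sinks):
    """Least fixpoint: sources pinned HIGH, sinks pinned LOW, everything else
    starts LOW and is raised as needed. A constraint that would raise a sink
    is a violation and is returned instead of being applied."""
    label = {}
    for c in constraints:
        label.setdefault(c.src, LOW)
        label.setdefault(c.dst, LOW)
    for s in sources:
        label[s] = HIGH
    for s in sinks:
        label[s] = LOW
    violated, changed = [], True
    while changed:
        changed = False
        for c in constraints:
            if label[c.src] > label[c.dst]:
                if c.dst in sinks:
                    if c not in violated:
                        violated.append(c)
                else:
                    label[c.dst] = label[c.src]
                    changed = True
    return label, violated


def explain(constraints, label, sources, violated):
    """Blame graph = every constraint along which HIGH actually propagated.
    A multi-source BFS then yields, per violated sink constraint, the shortest
    chain of statements carrying the secret to the sink (the minimal report)."""
    edges = {}
    for c in constraints:
        if label[c.src] == HIGH:
            edges.setdefault(c.src, []).append(c)
    parent = {s: None for s in sources}
    queue = deque(sources)
    while queue:
        n = queue.popleft()
        for c in edges.get(n, []):
            if c.dst not in parent:
                parent[c.dst] = c
                queue.append(c.dst)
    reports = []
    for v in violated:
        chain, node = [v], v.src
        while parent.get(node) is not None:   # every HIGH node is reachable from a source
            chain.append(parent[node])
            node = parent[node].src
        reports.append(list(reversed(chain)))
    return reports


def blame(program, sources, sinks):
    cs = generate_constraints(program)
    label, violated = solve(cs, sources, sinks)
    return explain(cs, label, sources, violated)


def report_lines(program, sources, sinks):
    """Only the line numbers of each explanation chain (handy for checking)."""
    return [[c.line for c in chain] for chain in blame(program, sources, sinks)]


# Constructed sample program (toy source lines):
#  1: secret = read_secret()   HIGH source (declared, no IR statement)
#  2: flag = 0
#  3: if secret > 100:
#  4:     flag = 1              implicit flow from secret
#  5: tmp = flag
#  6: output(tmp)               LOW sink
#  7..11: unrelated bookkeeping that a naive dump would also show
SAMPLE = [
    ('assign', 2, 'flag', []),
    ('if', 3, ['secret'], [('assign', 4, 'flag', [])]),
    ('assign', 5, 'tmp', ['flag']),
    ('assign', 6, 'output', ['tmp']),
    ('assign', 7, 'count', []),
    ('if', 8, ['count'], [('assign', 9, 'count', ['count'])]),
    ('assign', 10, 'log', ['count']),
    ('assign', 11, 'output', ['log']),
]

if __name__ == "__main__":
    for chain in blame(SAMPLE, {'secret'}, {'output'}):
        print(f"illegal flow to sink, explained by {len(chain)} statements:")
        for c in chain:
            print("   ", c)
```

On the sample, the report is lines 3, 4, 5, 6: the branch on `secret`, the assignment under it, and the two explicit copies to the sink. The bookkeeping on lines 7 to 11 never appears, which is the "small fraction of the total code" effect the abstract reports; the implicit flow through line 4 is only explainable because `pc@3` exists as a node. A richer lattice would need a join in `solve` and per-level parents in `explain`; that is left out here.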