Mon 5 Nov 2018 13:30 - 14:15 at Franklin - II Chair(s): William Bail

In many software applications, it is necessary to preserve the confidentiality of information. Therefore, security mechanisms are needed to enforce that secret information does not leak to unauthorized users. However, most language-based techniques for information flow control work post-hoc, deciding whether a specific, already written program violates a confidentiality policy. In contrast, in previous work we have proposed a refinement-based approach to derive programs that preserve confidentiality by construction. This approach follows the principles of Dijkstra's correctness-by-construction. In this extended abstract, we present the implementation and tool support of that refinement-based approach, which allows the information flow policies to be specified first and programs that comply with these policies to be created by construction. In particular, we present the idea of confidentiality-by-construction using an example and discuss the IDE we have developed.
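To make the "post-hoc" style of information flow control that the abstract contrasts with concrete, the following is an added example, not code from the paper or from its IDE. It implements a small checker over a toy imperative language with a two-level lattice (LOW/HIGH), in the spirit of the Volpano/Smith style of security typing: every variable is assigned a label by a policy, and a program is rejected if HIGH data can reach a LOW variable either by explicit assignment or implicitly through a branch on HIGH data. The statement encoding, the `POLICY` table and the sample programs are all constructed for this illustration.

```python
"""Post-hoc information flow checker for a toy language (added example).

Statements are plain tuples:
  ("assign", target_var, [vars read by the right-hand side])
  ("if", [vars read by the condition], then_block, else_block)
Labels: LOW (public) or HIGH (secret). The policy maps each variable
to the highest label it is allowed to hold.
"""
from typing import Dict, List, Tuple

LOW, HIGH = 0, 1
Label = int
Policy = Dict[str, Label]


def join(a: Label, b: Label) -> Label:
    """Least upper bound in the two-level lattice LOW < HIGH."""
    return max(a, b)


def expr_label(vars_used: List[str], policy: Policy) -> Label:
    """An expression is as secret as the most secret variable it reads."""
    label = LOW
    for v in vars_used:
        label = join(label, policy[v])
    return label


def check(stmts: List[Tuple], policy: Policy, pc: Label = LOW) -> List[str]:
    """Return a list of violations (empty means the program satisfies the policy).

    `pc` is the label of the control context: inside a branch whose condition
    depends on HIGH data, every assignment is treated as HIGH, which is what
    catches implicit flows.
    """
    violations: List[str] = []
    for st in stmts:
        kind = st[0]
        if kind == "assign":
            _, target, sources = st
            flow = join(pc, expr_label(sources, policy))
            if flow > policy[target]:
                how = "implicit" if pc == HIGH else "explicit"
                violations.append(f"{how} flow of HIGH data into LOW variable '{target}'")
        elif kind == "if":
            _, cond, then_block, else_block = st
            branch_pc = join(pc, expr_label(cond, policy))
            violations += check(then_block, policy, branch_pc)
            violations += check(else_block, policy, branch_pc)
        else:
            raise ValueError(f"unknown statement kind: {kind!r}")
    return violations


# Constructed policy: 'secret' and 'tmp' may hold secrets, 'out' and 'pub' may not.
POLICY: Policy = {"secret": HIGH, "tmp": HIGH, "out": LOW, "pub": LOW}

# Constructed sample programs.
EXPLICIT_LEAK = [("assign", "out", ["secret"])]                      # out := secret
IMPLICIT_LEAK = [("if", ["secret"], [("assign", "out", ["pub"])], [])]  # if secret then out := pub
SAFE_PROGRAM = [
    ("assign", "tmp", ["secret", "pub"]),                            # HIGH := HIGH + LOW is fine
    ("if", ["pub"], [("assign", "out", ["pub"])], []),               # LOW branch, LOW write
]


def summary() -> Dict[str, int]:
    """Number of violations per sample program."""
    return {
        "explicit": len(check(EXPLICIT_LEAK, POLICY)),
        "implicit": len(check(IMPLICIT_LEAK, POLICY)),
        "safe": len(check(SAFE_PROGRAM, POLICY)),
    }


if __name__ == "__main__":
    for name, prog in [("explicit", EXPLICIT_LEAK), ("implicit", IMPLICIT_LEAK), ("safe", SAFE_PROGRAM)]:
        print(name, check(prog, POLICY) or "ok")
```

The checker only runs after the whole program exists, which is exactly the post-hoc workflow the abstract describes; the refinement-based approach it proposes instead starts from the policy and derives the program so that a finished program never has to be rejected by such a check.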

Conference Day: Mon 5 Nov

Displayed time zone: Guadalajara, Mexico City, Monterrey

13:30 - 15:00
HILT at Franklin II
Chair(s): William Bail (The MITRE Corporation)

Tool support for Confidentiality by Construction
S: Tobias Runge (TU Braunschweig), S: Ina Schaefer (Technische Universität Braunschweig), Alexander Knüppel (TU Braunschweig, Germany), Loek Cleophas (Eindhoven University of Technology (TU/e) and Stellenbosch University), Derrick Kourie (Stellenbosch University), Bruce Watson (Stellenbosch University; and Centre for AI Research, CSIR)

Panel on Language-based Security
P: Stephen Chong (Harvard University), Ina Schaefer (Technische Universität Braunschweig), Tobias Runge (TU Braunschweig), Lucas Wagner (Rockwell Collins), Sam Procter (Carnegie Mellon Software Engineering Institute), Tucker Taft (AdaCore)