Open AccessA Virtual Machine Based Information Flow Control System for Policy Enforcement
Author(s) -
Srijith K. Nair,
Patrick N.D. Simpson,
Bruno Crispo,
Andrew S. Tanenbaum
Publication year - 2008
Publication title -
electronic notes in theoretical computer science
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.242
H-Index - 60
ISSN - 1571-0661
DOI - 10.1016/j.entcs.2007.10.010
Subject(s) - computer science , tracing , java , trace (psycholinguistics) , information flow , control flow , overhead (engineering) , security policy , virtual machine , enforcement , data flow diagram , control (management) , computer security , distributed computing , programming language , operating system , database , philosophy , linguistics , artificial intelligence , political science , law
The ability to enforce usage policies attached to data in a fine grained manner requires that the system be able to trace and control the flow of information within it. This paper presents the design and implementation of such an information flow control system, named Trishul, as a Java Virtual Machine. In particular we address the problem of tracing implicit information flow, which had not been resolved by previous run-time systems and the additional intricacies added on by the Java architecture. We argue that the security benefits offered by Trishul are substantial enough to counter-weigh the performance overhead of the system as shown by our experiments
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom