A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit <a rel="external noopener" href="https://ieeexplore.ieee.org/ielx7/5971803/9121648/09121656.pdf">the original URL</a>. The file type is <code>application/pdf</code>.
<i title="Tsinghua University Press">
<a target="_blank" rel="noopener" href="https://fatcat.wiki/container/w77vm44enzh4tgk44gtrsw7f64" style="color: black;">Tsinghua Science and Technology</a>
Information Flow Tracking (IFT) is an established formal method for proving security properties related to confidentiality, integrity, and isolation. It has shown promise in identifying security vulnerabilities resulting from design flaws, timing channels, and hardware Trojans for secure hardware design. However, existing IFT methods tend to take a qualitative approach and only enforce binary security properties, requiring strict non-interference for the properties to hold while real systems ... lly allow a small amount of information flows to enable desirable interactions. Consequently, existing methods are inadequate for reasoning about quantitative security properties or measuring the security of a design in order to assess the severity of a security vulnerability. In this work, we propose two multi-flow solutions: multiple verifications for replicating the existing IFT model, and a multi-flow IFT method. The proposed multi-flow IFT method provides more insight into simultaneous information flow behaviors and allows for proof of quantitative information flow security properties, such as diffusion, randomization, and boundaries on the amount of simultaneous information flows. Experimental results show that our method can be used to prove a new type of information flow security property with verification performance benefits.
<span class="external-identifiers"> <a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.26599/tst.2019.9010042">doi:10.26599/tst.2019.9010042</a> <a target="_blank" rel="external noopener" href="https://fatcat.wiki/release/k6unmub46rcqhitpadnxg2reru">fatcat:k6unmub46rcqhitpadnxg2reru</a> </span>
<a target="_blank" rel="noopener" href="https://web.archive.org/web/20201108053315/https://ieeexplore.ieee.org/ielx7/5971803/9121648/09121656.pdf" title="fulltext PDF download">Web Archive [PDF]</a> <a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.26599/tst.2019.9010042">Publisher / doi.org</a>