An Automatic Inference of Minimal Security Types [chapter]

Dominik Bollmann, Steffen Lortz, Heiko Mantel, Artem Starostin
2015 Lecture Notes in Computer Science  
Type-based information-flow analyses provide strong end-to-end confidentiality guarantees for programs. Yet, such analyses are not easy to use in practice, as they require all information containers in a program to be annotated with security types, which is a tedious and error-prone task if done manually. In this article, we propose a new algorithm for inferring such security types automatically. We implement our algorithm as an Eclipse plug-in, which enables software engineers to use it for ...ifying confidentiality requirements in their programs. We experimentally show our implementation to be effective and efficient. We also analyze theoretical properties of our security-type inference algorithm. In particular, we prove it to be sound, complete, minimal, and of linear time-complexity in the size of the program analyzed.
doi:10.1007/978-3-319-26961-0_24 fatcat:yitkrwes7reu7cxqtqdgwgkwhe