Click here to load reader
Upload
myasinr
View
214
Download
0
Embed Size (px)
Citation preview
8/14/2019 Decentralised Label Model and Java Information Flow (JIF)
http://slidepdf.com/reader/full/decentralised-label-model-and-java-information-flow-jif 1/8
1
JIF Java Information Flow
Basic Programming Features EncapsulationBasic Access Control
New Demand In Basic ProgrammingFeaturesControl Data Flow around Application.
8/14/2019 Decentralised Label Model and Java Information Flow (JIF)
http://slidepdf.com/reader/full/decentralised-label-model-and-java-information-flow-jif 2/8
2
Introduction
Information Flow: The way that information moves through a
program.
Is define by variables and methods in program.
Problem: Each time a program produces an output
It is a possibility that information it contains maybe disclose
Solution: Permission based model: to impose ownership on
variables
8/14/2019 Decentralised Label Model and Java Information Flow (JIF)
http://slidepdf.com/reader/full/decentralised-label-model-and-java-information-flow-jif 3/8
3
Controlling Information Flow
Exemption: This provide a security in an application not in system (will be leaked from system).Proposal:Decentralized Label Model
8/14/2019 Decentralised Label Model and Java Information Flow (JIF)
http://slidepdf.com/reader/full/decentralised-label-model-and-java-information-flow-jif 4/8
4
Decentralized Label Model(Principals and Policies)
Principals: Are Users, groups or roles Perform operations (read/write) on values
in program Any principals can authorized another to
act on its behalf. Limits in principals:
T(*) can act for every principal and calledthe top principal
I(_) which allows all principals to act for itis called bottom principal
8/14/2019 Decentralised Label Model and Java Information Flow (JIF)
http://slidepdf.com/reader/full/decentralised-label-model-and-java-information-flow-jif 5/8
5
… Decentralized LabelModel
Policies: DLM Allows programmer to specify
policies using labels for each labels.
Braces {} are used after variable typedeclaration.
No policy assigned is possible.
To specified public policy used emptybrasses like {}
Confidentiality Policies: {owner —> read}
Integrity Policies: {owner <— write} —> *
8/14/2019 Decentralised Label Model and Java Information Flow (JIF)
http://slidepdf.com/reader/full/decentralised-label-model-and-java-information-flow-jif 6/8
6
JIF Java Information Flow
DLM forms the foundation of JIF. JIF takes the concepts and the language
rules from DLM
JIF expands DLM rules into a full languageextension to java
Flow of Control:
Syntax: int {Alice—>Bob} x=10;
int {Alice —>Bob: Alice<—Frank} y=20;
8/14/2019 Decentralised Label Model and Java Information Flow (JIF)
http://slidepdf.com/reader/full/decentralised-label-model-and-java-information-flow-jif 7/8
7
Example of JIF Program
import jif.principals.*;
public class Example1{
public static void main{}(principal{} p, String[]{} args){
//construct the principals .
final principal Alice = new Alice(); final principal Bob = new Bob();
//set the private data, notice the fields only have owners.String{Alice:} aliceCarReg =“XYZ”;
String{Bob:} BobCarReg =“ABC”;
String{} publicReg=“”;
//attempt to set the public field with Alice's private car registration
publicReg = aliceCarReg; // will generate error
}
}
Debug:
String{Alice:_} aliceCarReg =“XYZ”;
8/14/2019 Decentralised Label Model and Java Information Flow (JIF)
http://slidepdf.com/reader/full/decentralised-label-model-and-java-information-flow-jif 8/8
8
Blog: http://mohsinpage.wordpress.com/ Twitter: http://twitter.com/moshsin LinkedIn: http://
pk.linkedin.com/in/rmyasin E-Mail: [email protected]