C Timed Information Flow

Student thesis: Master thesis (including HD thesis)

  • Mikkel Sandø Larsen
  • Mikael Elkiær Christensen
4. term, Software, Master (Master Programme)
This report describes C Timed Information Flow (CTIF).
CTIF a tool which can take new and existing C source code, extending upon the syntax with the concept of security policy labels.
The tool can then, based on the labeling, perform a check while providing information about any potential breaches of security as labeled information flows through the program.

These security policy labels are based on The Decentralized Label Model (DLM).
The report takes important concepts of DLM and provides an extended description as well as formalization in regards to the inferrence of security policy labels.
Additionally, an extension to the security policies is provided, by allowing the expression of time policies, which similarly will be checked by the tool.

The time policies were created with simplicity and practical applications in mind.
As a first step in formalizing the time policies it will be shown how they can be translated into timed automata.
In order to ascertain the practical applications, the time policies will be compared with The Timed Decentralized Label Model - which takes a more formal approach.
LanguageEnglish
Publication date31 May 2016
Number of pages84
ID: 234500123