Improving information flow control design with security contexts
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2015.
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Thesis |
| Language: | eng |
| Published: |
Massachusetts Institute of Technology
2016
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/1721.1/100598 |
| _version_ | 1826204132427431936 |
|---|---|
| author | Hemberger, Paul Wang |
| author2 | Srini Devadas. |
| author_facet | Srini Devadas. Hemberger, Paul Wang |
| author_sort | Hemberger, Paul Wang |
| collection | MIT |
| description | Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2015. |
| first_indexed | 2024-09-23T12:49:24Z |
| format | Thesis |
| id | mit-1721.1/100598 |
| institution | Massachusetts Institute of Technology |
| language | eng |
| last_indexed | 2024-09-23T12:49:24Z |
| publishDate | 2016 |
| publisher | Massachusetts Institute of Technology |
| record_format | dspace |
| spelling | mit-1721.1/1005982019-04-12T20:57:48Z Improving information flow control design with security contexts Hemberger, Paul Wang Srini Devadas. Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science. Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science. Electrical Engineering and Computer Science. Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2015. This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections. Cataloged from student-submitted PDF version of thesis. Includes bibliographical references (pages 83-85). This thesis outlines a new language feature for Ruby: the security context, which enables complex information flow control schemes to be written in Ruby without modification to the virtual machine. Security contexts are Ruby objects that act as transparent proxies and can be attached to other objects, allowing them to seamlessly modify parameters and return values into and out of those objects' methods. Security contexts are demonstrated to be simple and effective in creating two flow control applications that would otherwise pose significant challenge to build: taint tracking as a Ruby library, and data flow assertions for Ruby on Rails applications. The performance of these systems was benchmarked while running as a part of a Rails application, and reached acceptable performance: taint tracking had no impact on performance, and data flow assertions saw a 50% throughput decrease, while providing considerable protection against privacy leaks and security vulnerabilities. by Paul Wang Hemberger. M. Eng. 2016-01-04T19:57:21Z 2016-01-04T19:57:21Z 2015 2015 Thesis http://hdl.handle.net/1721.1/100598 932129591 eng M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. http://dspace.mit.edu/handle/1721.1/7582 85 pages application/pdf Massachusetts Institute of Technology |
| spellingShingle | Electrical Engineering and Computer Science. Hemberger, Paul Wang Improving information flow control design with security contexts |
| title | Improving information flow control design with security contexts |
| title_full | Improving information flow control design with security contexts |
| title_fullStr | Improving information flow control design with security contexts |
| title_full_unstemmed | Improving information flow control design with security contexts |
| title_short | Improving information flow control design with security contexts |
| title_sort | improving information flow control design with security contexts |
| topic | Electrical Engineering and Computer Science. |
| url | http://hdl.handle.net/1721.1/100598 |
| work_keys_str_mv | AT hembergerpaulwang improvinginformationflowcontroldesignwithsecuritycontexts |