Quantitative information-flow tracking for real systems

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2008.

Bibliographic Details
Main Author: McCamant, Stephen
Other Authors: Michael D. Ernst.
Format: Thesis
Language: eng
Published: Massachusetts Institute of Technology 2009
Subjects: Electrical Engineering and Computer Science.
Online Access: http://hdl.handle.net/1721.1/44903
Abstract

An information-flow security policy constrains a computer system's end-to-end use of information, even as it is transformed in computation. For instance, a policy would not just restrict what secret data could be revealed directly, but restrict any output that might allow inferences about the secret. Expressing such a policy quantitatively, in terms of a specific number of bits of information, is often an effective program-independent way of distinguishing what scenarios should be allowed and disallowed. This thesis describes a family of new techniques for measuring how much information about a program's secret inputs is revealed by its public outputs on a particular execution, in order to check a quantitative policy on realistic systems. Our approach builds on dynamic tainting, tracking at runtime which bits might contain secret information, and also uses static control-flow regions to soundly account for implicit flows via branches and pointer operations. We introduce a new graph model that bounds information flow by the maximum flow between inputs and outputs in a flow network representation of an execution. The flow bounds obtained with maximum flow are much more precise than those based on tainting alone (which is equivalent to graph reachability).

The bounds are a conservative estimate of channel capacity: the amount of information that could be transmitted by an adversary making an arbitrary choice of secret inputs. We describe an implementation named Flowcheck, built using the Valgrind framework for x86/Linux binaries, and use it to perform case studies on six real C, C++, and Objective C programs, three of which have more than 250,000 lines of code. We used the tool to check the confidentiality of a different kind of information appropriate to each program. Its results either verified that the information was appropriately kept secret on the examined executions, or revealed unacceptable leaks, in one case due to a previously unknown bug.

Notes

by Stephen Andrew McCamant. Ph.D. This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections. Includes bibliographical references (p. 99-105). 105 p., application/pdf. Thesis dated 2008; deposited 2009-03-20.

Rights: M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission: http://dspace.mit.edu/handle/1721.1/7582