Organizer: | Prof. Dr. Heiko Mantel |
Form: | Reading-Group Seminar at February 3rd-4th, 2011 |
Registration: | Please contact Ms. Kraft. |
Literature: | will be announced during the preparation meeting |
Preparation Meeting: | Thursday, October 21st, 2010, 16:30 in S2|02/E202 |
When giving a program access to confidential data, one has to ensure that the program cannot leak this data to untrusted sinks. Such leakage may occur unintentionally (for instance, due to a programming error), but it could also be caused by a malicious program (for instance, by a Trojan horse).
One possible solution is information flow control. Formally defined information flow properties provide the basis for a property-centric and semantically well-founded approach to program security. Moreover, program analysis techniques for information flow properties provide a reliable way to check whether a program is indeed secure.
While information flow control for sequential programs is a non-trivial problem, the conceptual complexity of concurrent systems poses additional challenges. For instance, the interaction of concurrently executing threads can result in subtle information leaks. The existence of such leaks may also depend on the system environment, e.g., the scheduler. Furthermore it is necessary that information flow analyses cope with concurrency primitives like semaphores, barriers, etc. An additional challenge is to exploit such primitives profitably to ensure the trustworthiness of programs.
In the seminar, the participants will discuss approaches, techniques, and tools in the area of reliable security for concurrent programs on the basis of current research articles. The seminar will take place in the form of a reading group, where one focus will be the discussion of the covered topics within the group.
See also the description of the module.Last modified on 22 October 2012.