Seminar: Current Topics in Information Flow Security
| Form: | Seminar - 3 CP (2 SWS) |
| Organizer: | Prof. Dr. Heiko Mantel |
| Dates: | Block seminar 1 or 2 days, (tentative dates: July 09, 2015 and July 10, 2015) |
| Language: | English |
| Registration: | via TUCaN, course id 20-00-0612-se |
| Max. participants: | 20 |
| Literature: | will be announced during the preparation meeting |
| Preparation Meeting: | April 14, 2015, 16:15-17:55 |
Material
The material for the seminar is available in the internal area.
Content
In this seminar, we will discuss recent research articles on the state of the art in information-flow security. In contrast to access control, information-flow security aims for solutions that ensure confidentiality and integrity of information once access has been granted. In other words, information-flow security aims for controlling the flow of information during a program run. Techniques from information-flow security can, for instance, ensure that an instant messaging app does not leak information about known contacts to untrusted third parties. Such a leak could be unintentional (e.g., due to a programming error) or could be deliberate (e.g., by a Trojan horse).
A common methodology for information-flow security is to separate the definition of formal information-flow properties from the development of an enforcement mechanism. A formally defined, declarative information-flow property makes the desired security guarantees explicit and is the basis for a property-centric and semantically-justified approach to security. Different enforcement mechanisms (e.g. type systems, PDGs, runtime monitoring) can be used to ensure that a program is secure. A proof of soundness formally connects the enforcement mechanism with the information-flow property and, hence, guarantees that the mechanism reliably enforces the information-flow property.
Learning Objectives
After successfully participating in this seminar you will have knowledge about recent developments in the area of information-flow security. You will know some state-of-the-art security properties and enforcement mechanisms. You will have improved your skills in reading and understanding scientific articles, in presenting scientific results, and in discussing and comparing of approaches. This seminar connects students and researchers from the MAIS group who present papers to each other and discuss them jointly.
Prerequisites
Knowledge of Computer Science equivalent to the first four semesters in the Computer Science Bachelor program.
Last modified on 24 April 2015.
Print
Imprint
Sitemap
Contact