Dynamic Information Flow Control Architecture for Web Applications

Sachiko Yoshihama, Takeo Yoshizawa, Yuji Watanabe, Michiharu Kudoh and Kazuko Oyanagi

View Related Documents

Journal Article
Dynamic security labels and static information flow control
Lantian Zheng and Andrew C. Myers
International Journal of Information Security, 2007, Volume 6, Numbers 2-3, Pages 67-84
- Download PDF (952.3 KB)
Book Chapter
On Practical Information Flow Policies for Java-Enabled Multiapplication Smart Cards
Dorina Ghindici and Isabelle Simplot-Ryl
Lecture Notes in Computer Science, 2008, Volume 5189, Smart Card Research and Advanced Applications, Pages 32-47
- Download PDF (259.2 KB)
Book Chapter
Fine-Grained Sticky Provenance Architecture for Office Documents
Takuya Mishina, Sachiko Yoshihama and Michiharu Kudo
Lecture Notes in Computer Science, 2007, Volume 4752, Advances in Information and Computer Security, Pages 336-351
- Download PDF (534.0 KB)
Book Chapter
Dynamic Security Labels and Noninterference (Extended Abstract)
Lantian Zheng and Andrew C. Myers
IFIP International Federation for Information Processing, 2005, Volume 173, Formal Aspects in Security and Trust, Pages 27-40
- Download PDF (747.2 KB)
Book Chapter
Provably Correct Runtime Enforcement of Non-interference Properties
V. N. Venkatakrishnan, Wei Xu, Daniel C. DuVarney and R. Sekar
Lecture Notes in Computer Science, 2006, Volume 4307, Information and Communications Security, Pages 332-351
- Download PDF (547.5 KB)
Book Chapter
Information Flow Control for Cooperation Support in Virtual Enterprises
Peter Bertok, Abdelkamel Tari and Saadia Kedjar
IFIP Advances in Information and Communication Technology, 2009, Volume 307, Leveraging Knowledge for Innovation in Collaborative Networks, Pages 581-590
- Download PDF (231.3 KB)
Book Chapter
An Integrated Model for Access Control and Information Flow Requirements
Samiha Ayed, Nora Cuppens-Boulahia and Frédéric Cuppens
Lecture Notes in Computer Science, 2007, Volume 4846, Advances in Computer Science – ASIAN 2007. Computer and Network Security, Pages 111-125
- Download PDF (444.8 KB)
Book Chapter
Secure Systems Design
2007, Foundations of Security, Part 1, Pages 25-60
- Download PDF (240.9 KB)
Reference Work Entry
Web Security
Lukasz Opyrchal
2005, Encyclopedia of Cryptography and Security, W, Pages 657-666
- View HTML
Book Chapter
Flow Locks: Towards a Core Calculus for Dynamic Flow Policies
Niklas Broberg and David Sands
Lecture Notes in Computer Science, 2006, Volume 3924, Programming Languages and Systems, Pages 180-196
- Download PDF (609.8 KB)

Abstract

In typical Web applications, the access control at the database management system is not effective due to the dependency on application behavior. That is, once the information is retrieved, a careless application can easily leak the information to undesirable parties. In addition, database accounts are often shared for multiple Web users in order to allow connection pooling. We propose DIFCA-J (Dynamic Information Flow Control Architecture for Java), to keep track of and control fine-grained information propagation through execution of the program. DIFCA-J allows controlling the information flow at run-time, without needing to modify the source code of the target application or the Java VMs.

Fulltext Preview

Image of the first page of the fulltext document

Frequently asked questions General info on journals and books Send us your feedback Impressum Contact us

SpringerLink

Dynamic Information Flow Control Architecture for Web Applications

View Related Documents

Abstract

Fulltext Preview