DroidDisintegrator

Abstract

In mobile platforms and their app markets, controlling app permissions and preventing abuse of private information are crucial challenges. Information Flow Control (IFC) is a powerful approach for formalizing and answering user concerns such as: Does this app send my geolocation to the Internet? Yet despite intensive research efforts, IFC has not been widely adopted in mainstream programming practice.

We observe that the typical structure of Android apps offers an opportunity for a novel and effective application of IFC. In Android, an app consists of a collection of a few dozen components, each in charge of some high-level functionality. Most components do not require access to most resources. These components are a natural and effective granularity at which to apply IFC (as opposed to the typical process-level or language-level granularity). By assigning different permission labels to each component, and limiting information flow between components, it is possible to express and enforce IFC constraints. Yet nuances of the Android platform, such as its multitude of discretionary (and somewhat arcane) communication channels, raise challenges in defining and enforcing component boundaries.

We build a system, DroidDisintegrator, which demonstrates the viability of component-level IFC for expressing and controlling app behavior. DroidDisintegrator uses dynamic analysis to generate IFC policies for Android apps, repackages apps to embed these policies, and enforces the policies at runtime. We evaluate DroidDisintegrator on dozens of apps.

Similar Papers
  • Conference Article
  • 10.2991/ameii-15.2015.195
Research on the Tracking Algorithm of Program Level Fine-grained Data based on Cloud Virtual Environment
  • Jan 1, 2015
  • Zhigang Zhang + 3 more

The virtual machine in the fine-grained information flow tracking is the basis for realization of transparent cloud platform program level control. The information flow control access to sensitive information in the process, because the authority transfer security level and cannot read or write the non sensitive data, the coarse granularity information flow control is difficult to meet the actual demand of diversification, this paper proposes extended DIFC (Distributed Information Flow Control) model, this model avoids component of cloud platform virtual machine because of the higher level of security sensitive data through reading, it sends or modifies the defects of non sensitive data by transferring the authority, and effectively overcomes the defect that the existing information flow control method for the coarse granularity, and the shortcomings which unable to meet the actual demand, this model guarantees the tracking and control of fine-grained information flow within the virtual machine application, and it does not affect the original cloud service operation.

  • Conference Article
  • Cite count: 1
  • 10.1109/compsac.2015.195
An Access and Information Flow Control Paradigm for Secure Information Sharing in Service-Based Systems
  • Jul 1, 2015
  • Nidhiben Solanki + 4 more

Cloud now provides a wide range of services hosted by different providers from different domains. These services can be composed together dynamically to realize important tasks. In a composite service, information may flow from one service to subsequent services from different domains. Such information flow, if not properly controlled, may cause undesired leakage of critical data. Existing works on access control for web service do not consider the information flow problem in composite services. Existing information flow control (IFC) techniques are not flexible and cannot work with domain-specific information flow control policies. In this paper, we define the WS-AIFC infrastructure for enforcing access and information flow control. The major goal of WS-AIFC is to provide a new IFC mechanism that can allow each domain to define their own IFC policies while WS-AIFC is capable of preventing undesired information leakage (IFC policy violation) among benign, semi-honest service domains. The main idea in WS-AIFC is to derive and record the dependency list for each data object. The system, upon receiving an access request to a critical data object, not only validates the conventional access control policy for the access, but also extracts the data and the corresponding domains in the dependency list and consults these domains to validate their IFC policies for the indirect access. In summary, WS-AIFC empowers individual domains to control how their information flows and achieves enhanced security for service based systems.

  • Book Chapter
  • Cite count: 5
  • 10.1007/978-3-319-73721-8_20
A Logical System for Modular Information Flow Verification
  • Dec 29, 2017
  • Adi Prabawa + 3 more

Information Flow Control (IFC) is important to ensure secure programs where secret data does not influence any public data. The pervasive standard that IFC aims to is non-interference. Current IFC systems are separated into dynamic IFC, static IFC, and hybrids between static and dynamic. With dynamic IFC suffering from high overhead and limited ability to prevent implicit flows due to the paths not taken, we propose a novel modular static IFC system. To the best of our knowledge, this is the first modular static IFC system. Unlike type-based static IFC systems, ours is logic-based. The limitation of type-based IFC systems is in the inviolability of static security label declarations for fields. As such, they suffer from transient leaks on fields. Our proposed system uses a Hoare-like logic. It verifies each function independently with the help of separation logic. Furthermore, we provide the proof of correctness for our novel IFC system with respect to termination- and timing-insensitive non-interference.

  • Research Article
  • Cite count: 38
  • 10.1016/j.jss.2021.111138
Detecting violations of access control and information flow policies in data flow diagrams
  • Nov 10, 2021
  • Journal of Systems and Software
  • Stephan Seifermann + 3 more

The security of software-intensive systems is frequently attacked. High fines or loss in reputation are potential consequences of not maintaining confidentiality, which is an important security objective. Detecting confidentiality issues in early software designs enables cost-efficient fixes. A Data Flow Diagram (DFD) is a modeling notation, which focuses on essential, functional aspects of such early software designs. Existing confidentiality analyses on DFDs support either information flow control or access control, which are the most common confidentiality mechanisms. Combining both mechanisms can be beneficial but existing DFD analyses do not support this. This lack of expressiveness requires designers to switch modeling languages to consider both mechanisms, which can lead to inconsistencies. In this article, we present an extended DFD syntax that supports modeling both, information flow and access control, in the same language. This improves expressiveness compared to related work and avoids inconsistencies. We define the semantics of extended DFDs by clauses in first-order logic. A logic program made of these clauses enables the automated detection of confidentiality violations by querying it. We evaluate the expressiveness of the syntax in a case study. We attempt to model nine information flow cases and six access control cases. We successfully modeled fourteen out of these fifteen cases, which indicates good expressiveness. We evaluate the reusability of models when switching confidentiality mechanisms by comparing the cases that share the same system design, which are three pairs of cases. We successfully show improved reusability compared to the state of the art. We evaluated the accuracy of confidentiality analyses by executing them for the fourteen cases that we could model. We experienced good accuracy.

  • Conference Article
  • Cite count: 3
  • 10.1109/tase.2013.43
On Information Flow Control in Event-B and Refinement
  • Jul 1, 2013
  • Chunyan Mu

This paper investigates the problem of preserving information flow security in Event-B specification models and during the process of refining an abstract specification to be more concrete. A typed Event-B model is presented to enforce information flow security. We then present an approach to the problem of preserving information flow properties under abstraction refinement. The novelty of the approach is that we formalise refinement transformation in terms of the mathematical concept of Galois connection for the purpose of information-flow analysis and control. That is, the state-invariant and state-transition predicates of the models are used to generate the Galois connection. We show how the refinement transformation ensures to preserve the security properties during the development steps from the beginning abstract-level specification to a concrete implementation.

  • Conference Article
  • 10.1109/prdc53464.2021.00018
Integrating Information Flow Analysis in Unifying Theories of Programming
  • Dec 1, 2021
  • Chunyan Mu + 1 more

This research is supported by the China National R&D Key Research Program (2019YFB1705703) and the Interdisciplinary Program of SJTU, Shanghai, China (No. YG2019ZDA07).

  • Conference Article
  • Cite count: 1
  • 10.1109/cis.2014.48
Information Flow Control Model and Method in Distribute MILS
  • Nov 1, 2014
  • Kaiqiang Li + 3 more

A new generation of avionics system has three major technical characteristics of high resource sharing, data integration and software intensive. However, in the cooperative combat environment, which has the problem of potential sensitive information leakage and tamper when the combat aircraft communicate with each other. In this paper, we are based on the single node of information flow control model, combined with PCS, proposed a distributed information flow control model in MILS, constructed the PCS information flow control strategy, and together with other trusted component of information flow control strategy that form the multi-level information flow control policy framework, which design an information flow control mechanism of PCS and realized the distributed information flow control in MILS. After analysis and verification, the design of the distributed information flow security control method in MILS can effectively ensure the confidentiality and integrity of the information among the nodes.

  • Abstract
  • 10.1016/j.npbr.2018.01.071
Mechanisms of neuroprogression and interventions to predict and arrest it
  • Mar 26, 2018
  • Neurology, Psychiatry and Brain Research
  • Angelos Halaris


  • Research Article
  • Cite count: 2
  • 10.1016/j.cose.2018.07.005
CDroid: practically implementation a formal-analyzed CIFC model on Android
  • Jul 29, 2018
  • Computers & Security
  • Zezhi Wu + 3 more


  • Research Article
  • Cite count: 12
  • 10.1360/02yd0276
Information flow and controlling in regularization inversion of quantitative remote sensing
  • Jan 1, 2005
  • Science in China Series D: Earth Sciences
  • Hua Yang + 4 more

In order to minimize uncertainty of the inversed parameters to the largest extent by making full use of the limited information in remote sensing data, it is necessary to understand what the information flow in quantitative remote sensing model inversion is, thus control the information flow. Aiming at this, the paper takes the linear kernel-driven model inversion as an example. At first, the information flow in different inversion methods is calculated and analyzed, then the effect of information flow controlled by multi-stage inversion strategy is studied, finally, an information matrix based on USM is defined to control information flow in inversion. It shows that using Shannon entropy decrease of the inversed parameters can express information flow more properly. Changing the weight of a priori knowledge in inversion or fixing parameters and partitioning datasets in multi-stage inversion strategy can control information flow. In regularization inversion of remote sensing, information matrix based on USM may be a better tool for quantitatively controlling information flow.

  • Conference Article
  • Cite count: 19
  • 10.1109/mobilesoft.2017.28
Generating Predicate Callback Summaries for the Android Framework
  • May 1, 2017
  • Danilo Dominguez Perez + 1 more

One of the challenges of analyzing, testing and debugging Android apps is that the potential execution orders of callbacks are missing from the apps' source code. However, bugs, vulnerabilities and refactoring transformations have been found to be related to callback sequences. Existing work on control flow analysis of Android apps have mainly focused on analyzing GUI events. GUI events, although being a key part of determining control flow of Android apps, do not offer a complete picture. Our observation is that orthogonal to GUI events, the Android API calls also play an important role in determining the order of callbacks. In the past, such control flow information has been modeled manually. This paper presents a complementary solution of constructing program paths for Android apps. We proposed a specification technique, called Predicate Callback Summary (PCS), that represents the callback control flow information (including callback sequences as well as the conditions under which the callbacks are invoked) in Android API methods and developed static analysis techniques to automatically compute and apply such summaries to construct apps' callback sequences. Our experiments show that by applying PCSs, we are able to construct Android apps' control flow graphs, including inter callback relations, and also to detect infeasible paths involving multiple callbacks. Such control flow information can help program analysis and testing tools to report more precise results. Our detailed experimental data is available at: http://www.cs.iastate.edu/~weile/toolsdata/SummarizeAndroidFramework/lithium.html.

  • Conference Article
  • Cite count: 11
  • 10.1109/icws.2016.21
Multi-tenant Access and Information Flow Control for SaaS
  • Jun 1, 2016
  • Nidhiben Solanki + 4 more

Due to multi-tenancy, access control is a very important component in SaaS (Software as a Service), especially for controlling cross-tenant accesses. Due to the potential information flow among multiple tenants, information flow control should also be carefully addressed. Existing models for SaaS access control have some limitations, especially in information flow control. In this paper, we define a new SaaS-AIFC model to provide comprehensive and improved access and information flow control in SaaS. SaaS-AIFC incorporates two advanced features. First, SaaS-AIFC integrates the advanced role mapping technique to govern the cross-tenant accesses. Role mapping is very flexible and can be very efficient for SaaS with a large number of tenants. We integrate role mapping in SaaS by developing a detailed process for mapping establishment and retrieval during validation. Second, we propose a new IFC model in SaaS-AIFC, which tracks the dependency of data objects and uses the dependency information to achieve flexible information flow control. An architecture design for realizing the SaaS-AIFC model is also proposed.

  • Conference Article
  • Cite count: 2
  • 10.1109/icsess.2013.6615270
Design of information flow in Collaborative-VMM
  • May 1, 2013
  • Xiaorui Wang + 3 more

Information flow control is a key issue in the large-scale systems, it needs to consider the collaboration between multi-components, execution efficiency, system security, and other aspects, the complexity of information flow control is particularly prominent in the virtualization system. The current information flow control in virtualization system mainly use direct communication and asynchronous communication mode, but they have disadvantage such as complexity of VMM designing, increasing the risk of system security, low efficiency of data transmission. In this paper, we establish a synchronous communication mechanism based on the Collaborative-VMM, three key information flow control were designed in this VMM including I/O processing, interrupt processing, and user interface, it can eliminate the issue of processing delay between VMM and the I/O processing component. The experimental results show that the synchronous communication mechanism can simplify the design of virtualization system and does not reduce the performance of the system at the same time, it is a viable information flow control scheme.

  • Research Article
  • Cite count: 11
  • 10.3233/jcs-15791
Paragon – Practical programming with information flow control
  • Jul 10, 2017
  • Journal of Computer Security
  • Niklas Broberg + 2 more

Conventional security policies for software applications are adequate for managing concerns on the level of access control. But standard abstraction mechanisms of mainstream programming languages are not sufficient to express how information is allowed to flow between resources once access to them has been obtained. In practice we believe that such control – information flow control – is needed to manage the end-to-end security properties of applications. In this paper we present Paragon, a Java-based language with first-class support for static checking of information flow control policies. Paragon policies are specified in a logic-based policy language. By virtue of their explicitly stateful nature, these policies appear to be more expressive and flexible than those used in previous languages with information-flow support. Our contribution is to present the design and implementation of Paragon, which smoothly integrates the policy language with Java’s object-oriented setting, and reaps the benefits of the marriage with a fully fledged programming language.

  • Research Article
  • 10.5204/mcj.1975
Making Data Flow
  • Aug 1, 2002
  • M/C Journal
  • Adrian Mackenzie

