Abstract

SUMMARYNoninterference is a strong security policy that enforces confidentiality and integrity. Many solutions are proposed in the state of the art for verifying this policy in programs, but few tools are proposed to implement it. In this paper, we define a high‐level model called Component Information Flow, and we develop the tools that simplify distributed secure system development and deployment.The developer focuses on developing the functional part of his or her system and defines his or her system security properties by using a high‐level configuration. When this configuration is validated, that is, no security leak is detected, the system security code is generated. To validate and demonstrate the effectiveness of our approach, we apply the Component Information Flow tools to a classical Web service use case. Copyright © 2012 John Wiley & Sons, Ltd.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.