07/04/2011, 16:30 — 17:30 — Tagus-1.1
José Santos, INRIA, Sophia-Antipolis
On Extracting Security Policies From Program Invariants - A static analysis for dynamic decision making
This presentation approaches the problem of verifying program compliance with information flow policies by proposing a framework that enables dealing with complex and dynamic policies in an efficient and flexible manner. We introduce a calculus for extracting the fundamental dependencies that are encoded into a program which is proved to be both sound and optimal. From the output of this analysis, the strictest security policy under which a program may be executed is then statically inferred. This policy can be used to dynamically decide whether a program is allowed to run, or as a comprehensive and succinct digest of the reasons for which a program is not deemed secure.
This session will be held in Room 0.32 of TagusPark!