Language Based Information Routing
Security: Policy Enforcement
George Oreku 1, Jianzhong Li1, and Fredrick Mtenzi2
1Department of Computer Science and Engineering, Harbin Institute of Technology, China
2 School of Computing, Dublin Institute of Technology, Ireland
1Department of Computer Science and Engineering, Harbin Institute of Technology, China
2 School of Computing, Dublin Institute of Technology, Ireland
Abstract:
Languages-based security promises to be a powerful tool with which provably secure routing applications may be developed. Programs written in these languages enforce a strong policy of non-interference, which ensures that high-security data will not be observable on low-security channels. The information routing security proposed aim to fill the gap between representation and enforcement by implementing and integrating the divers security services needed by policy. Policy is enforced by the run-time compiler and executions based mechanism to information violating routing policy and regulation of security services. Checking the routing requirements of explicit route achieves this result for statements involving explicit route. Unfortunately, such classification is often expressed as an operation within a given program, rather than as part of a policy, making reasoning about the security implications of a policy more difficult. We formalize our approach for a C++ like language and prove a modified form of our non-interference method. We have implemented our approach as an extension to C and provide some of our experience using it to build a secure information routing.Keywords:Security policy, routing, condition statements
Received January 5, 2007; accepted November 6, 2007