Information Flow Testing

The Third Path Towards Confidentiality Guarantee
  • Gurvan Le Guernic
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4846)


Noninterference, which is an information flow property, is typically used as a baseline security policy to formalize confidentiality of secret information manipulated by a program. Noninterference verification mechanisms are usually based on static analyses and, to a lesser extent, on dynamic analyses. In contrast to those works, this paper proposes an information flow testing mechanism. This mechanism is sound from the point of view of noninterference. It is based on standard testing techniques and on a combination of dynamic and static analyses. Concretely, a semantics integrating a dynamic information flow analysis is proposed. This analysis makes use of static analyses results. This special semantics is built such that, once a path coverage property has been achieved on a program, a sound conclusion regarding the noninterfering behavior of the program can be established.


Dynamic Analysis Dynamic Information Public Output Execution State Covert Channel 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ashby, W.R.: An Introduction to Cybernetics. Chapman & Hall, Sydney, Australia (1956)zbMATHGoogle Scholar
  2. 2.
    Goguen, J.A., Meseguer, J.: Security policies and security models. In: Proc. Symp. on Security and Privacy, pp. 11–20. IEEE Computer Society Press, Los Alamitos (1982)Google Scholar
  3. 3.
    Cohen, E.S.: Information transmission in computational systems. ACM SIGOPS Operating Systems Review 11(5), 133–139 (1977)CrossRefGoogle Scholar
  4. 4.
    Sabelfeld, A., Myers, A.C.: Language-based information-flow security. IEEE J. on Selected Areas in Communications 21(1), 5–19 (2003)CrossRefGoogle Scholar
  5. 5.
    Vachharajani, N., Bridges, M.J., Chang, J., Rangan, R., Ottoni, G., Blome, J.A., Reis, G.A., Vachharajani, M., August, D.I.: Rifle: An architectural framework for user-centric information-flow security. In: Proceedings of the International Symposium on Microarchitecture (2004)Google Scholar
  6. 6.
    Le Guernic, G., Banerjee, A., Jensen, T., Schmidt, D.: Automata-based Confidentiality Monitoring. In: Proc. Asian Computing Science Conference. LNCS, Springer, Heidelberg (2006)Google Scholar
  7. 7.
    Shroff, P., Smith, S.F., Thober, M.: Dynamic dependency monitoring to secure information flow. In: Proc. Computer Security Foundations Symposium, IEEE Computer Society, Los Alamitos (2007)Google Scholar
  8. 8.
    Le Guernic, G., Jensen, T.: Monitoring Information Flow. In: Proc. Workshop on Foundations of Computer Security, DePaul University, pp. 19–30 (2005)Google Scholar
  9. 9.
    Ntafos, S.C.: A comparison of some structural testing strategies. IEEE Transactions on Software Engineering 14(6), 868–874 (1988)CrossRefGoogle Scholar
  10. 10.
    Beizer, B.: Software Testing Techniques. International Thomson Computer Press (1990)Google Scholar
  11. 11.
    Williams, N., Marre, B., Mouy, P., Muriel, R.: Pathcrawler: Automatic generation of path tests by combining static and dynamic analysis. In: Dal Cin, M., Kaâniche, M., Pataricza, A. (eds.) EDCC 2005. LNCS, vol. 3463, pp. 281–292. Springer, Heidelberg (2005)Google Scholar
  12. 12.
    Godefroid, P., Klarlund, N., Sen, K.: DART: Directed Automated Random Testing. In: Proc. Programming Language Design and Implementation. ACM SIGPLAN Notices, vol. 40, pp. 213–223 (2005)Google Scholar
  13. 13.
    Sen, K., Agha, G.: Cute and JCute: Concolic unit testing and explicit path model-checking tools. In: Ball, T., Jones, R.B. (eds.) CAV 2006. LNCS, vol. 4144, pp. 419–423. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  14. 14.
    Gupta, N., Mathur, A.P., Soffa, M.L.: Automated Test Data Generation Using an Iterative Relaxation Method. In: Proc. Symposium on Foundations of Software Engineering, pp. 231–244. ACM Press, New York (1998)Google Scholar
  15. 15.
    Myers, A.C.: JFlow: Practical mostly-static information flow control. In: Proc. Symp. on Principles of Programming Languages, pp. 228–241 (1999)Google Scholar
  16. 16.
    Pottier, F., Simonet, V.: Information flow inference for ML. ACM Trans. on Programming Languages and Systems 25(1), 117–158 (2003)CrossRefGoogle Scholar
  17. 17.
    Le Guernic, G.: Automaton-based Confidentiality Monitoring of Concurrent Programs. In: Proc. Computer Security Foundations Symposium (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Gurvan Le Guernic
    • 1
    • 2
  1. 1.Kansas State University - Manhattan, KS 66506USA
  2. 2.IRISA - Campus universitaire de Beaulieu, 35042 RennesFrance

Personalised recommendations