摘要: Noninterference, which is an information flow property, typically used as a baseline security policy to formalize confidentiality of secret manipulated by program. Noninterference verification mechanisms are usually based on static analyses and, lesser extent, dynamic analyses. In contrast those works, this paper proposes testing mechanism. This mechanism sound from the point view noninterference. It standard techniques and combination Concretely, semantics integrating analysis proposed. makes use results. special built such that, once path coverage property has been achieved program, conclusion regarding noninterfering behavior program can be established.
springer.com
sci-hub.st 参考文章(17)
Gurvan Le Guernic, Thomas Jensen, Monitoring Information Flow Workshop on Foundations of Computer Security, FCS´05, Chicago, USA. pp. 19- 30 ,(2006)
Nicky Williams, Bruno Marre, Patricia Mouy, Muriel Roger, PathCrawler: automatic generation of path tests by combining static and dynamic analysis european dependable computing conference. pp. 281- 292 ,(2005) , 10.1007/11408901_21
Koushik Sen, Gul Agha, CUTE and jCUTE: Concolic Unit Testing and Explicit Path Model-Checking Tools Computer Aided Verification. pp. 419- 423 ,(2006) , 10.1007/11817963_38
Gurvan Le Guernic, Anindya Banerjee, Thomas Jensen, David A. Schmidt, Automata-based confidentiality monitoring ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues. pp. 75- 89 ,(2006) , 10.1007/978-3-540-77505-8_7
Boris Beizer, Software Testing Techniques ,(1983)
Neelam Gupta, Aditya P. Mathur, Mary Lou Soffa, Automated test data generation using an iterative relaxation method foundations of software engineering. ,vol. 23, pp. 231- 244 ,(1998) , 10.1145/288195.288321
J. A. Goguen, J. Meseguer, Security Policies and Security Models ieee symposium on security and privacy. pp. 11- 11 ,(1982) , 10.1109/SP.1982.10014
François Pottier, Vincent Simonet, Information flow inference for ML ACM Transactions on Programming Languages and Systems. ,vol. 25, pp. 117- 158 ,(2003) , 10.1145/596980.596983
Patrice Godefroid, Nils Klarlund, Koushik Sen, DART: directed automated random testing programming language design and implementation. ,vol. 40, pp. 213- 223 ,(2005) , 10.1145/1064978.1065036
William Ross Ashby, An introduction to cybernetics ,(1956)