Title: Runtime verification using policy-based approach to control information flow

Authors: Mohamed Sarrab

Addresses: Communication and Information Research Center, Sultan Qaboos University, Muscat, Oman

Abstract: Computer systems are monitored to check the performance or verified to check the correctness of the software systems with respect to security properties, such as integrity, availability and confidentiality. The more sensitive the information such as credit card information, military information or personal medical information being processed by the software, the more necessary and important to monitor and control the flow of the sensitive information. Monitoring and controlling untrusted program to ensure the information confidentiality during runtime in an environment, where confidential information is presented, is difficult and unnerving. The issue is how to monitor and control the flow of the confidential information at runtime of untrusted program. In this paper, we present a novel runtime verification approach for monitoring and controlling information flow that supports user interaction with running program.

Keywords: confidential information; untrusted programs; runtime verification; runtime monitoring; information flow control; security policy; information flow policy; information confidentiality.

DOI: 10.1504/IJSN.2013.058153

International Journal of Security and Networks, 2013 Vol.8 No.4, pp.212 - 230

Published online: 08 Dec 2013 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article