Analysis and Implementation Method of Program to Detect Inappropriate Information Leak - PowerPoint PPT Presentation

About This Presentation
Title:

Analysis and Implementation Method of Program to Detect Inappropriate Information Leak

Description:

Analysis and Implementation Method of Program to Detect Inappropriate ... Graduate School of Information Science, Nana Institute of Science and Technology ... – PowerPoint PPT presentation

Number of Views:30
Avg rating:3.0/5.0
Slides: 19
Provided by: selIcsEs
Category:

less

Transcript and Presenter's Notes

Title: Analysis and Implementation Method of Program to Detect Inappropriate Information Leak


1
Analysis and Implementation Method of Program to
Detect Inappropriate Information Leak
  • Reishi Yokomori, Fumiaki Ohata, Yoshiaki
    Takata, Hiroyuki Seki and Katsuro Inoue
  • Graduate School of Engineering Science, Osaka
    University,
  • Graduate School of Information Science, Nana
    Institute of Science and Technology

2
Program slice
  • Program slice a set of all the statements that
    affect the value of the variable of a certain
    statement in a program.
  • The main directions of a program slice
  • Debugging support
  • Testing
  • maintenance
  • program composition
  • Calculation of a Program slice has a common
    method using Program Dependence Graph (PDG).

3
Program Dependence Graph
  • Program Dependence Graph (PDG)
  • PDG Graph about definition / reference relation
    between the variables of a program
  • Node lt-gt Statement
  • Edge lt-gt Dependency
  • Data Dependence (DD)
  • Control Dependence (CD)

1 readln( a) 2 readln( b) 3 readln( c)
4 if c lt 0 then 5 a 2 6
println(a)
Nodes which can reach by traversing edges from a
slice criterion are included in the Slice
4
Security Analysis
  • For the purpose of prevention of the information
    leak by the execution of a program, Security
    analysis is proposed.
  • Kuninobus algorithm
  • Information Flow Analysis Algorithm
  • Algorithm which investigates where the program
    outputs confidential information
  • From Security Class(SC) of the each input value,
    by using Information Flow, Security Class(SC) of
    the each output value is calculated.
  • Analysis based on repetition calculation of
    simultaneous equations

Shigeta Kuninobu, Yoshiaki Takata, Hiroyuki
Seki, Katsuro Inoue "An Efficient Information
Flow Analysis of Recursive Programs based on a
Lattice Model of Security Classes", Proceedings
of Third International Conference on Information
and Communications Security (ICICS 2001), Lecture
Notes in Computer Science 2229, pp.292-303,Xian,
China, Nov. 2001
5
Security Class(SC)
  • The degree of secrecy which the data has.
  • The strength relation is expressed by lattice
    structure.
  • Henceforth, I express SC with two values.
  • SC high, low
  • high Information which should be protected
  • low Information without the necessity of
    protecting
  • operation of SC
  • sum the least upper bound of SCs
    (Example low high high)
  • product the greatest lower bound of SCs
    (Example low high low)

6
Information Flow
  • The data transfer relation which exists
    between the variables in a program
  • explicit flow
  • relationship between a definition /
    reference of a variable.
  • implicit flow
  • relationship between variables referred to
    at condition clause of a branch (repetition)
    command / variables defined at its internal
    statement.

1 b 5 2 c 5 3 if ( c gt 0 ) 4 a
b 5
7
Example of Analysis
  • SC for each statement in the program is
    calculated based on information flow.

1 void method(int a ,int b, int c) 2 int
d a b c 3 if ( c gt 0 ) 4 a
b 5 6 printf(s\n, a) 7
8
Purpose of Study
  • Security Analysis method was proposed by
    Kuninobu,but no implementation has been yet made.
  • The approaches for slicing is closely related to
    the security analysis.
  • Implementation a prototype system of the
    information security analysis algorithm.
  • Realization of Security analysis as an example of
    application of a slice.

9
Implementation of Information Flow Analysis
Algorithm (1/2)
  • The approaches for slicing is closely related
    to the security analysis.
  • The plan of Implementation
  • Analysis based on the technique of PDG-creation
  • explicit flow (implicit flow) is made to
    correspond to DD (CD).


10
Implementation of Information Flow Analysis
Algorithm (2/2)
  • The Implementation method
  • Analysis based on the technique of PDG-creation
  • procedure
  • SC is set up about the each input value of a
    program
  • SCset is built for every procedure.
  • SCset the set of SC of each variable which has
    at each analysis point.
  • The element of SCset variable, SC
  • According to the order of execution of a program
    statement, SCset is updated by its updating
    algorithm.
  • Analysis is repeated until the result is
    stabilized.
  • SC of the each output value is obtained.

11
The Example of Analysis
  • Analysis of procedure test

procedure swap(var integer a,b) begin temp
a ab b temp end procedure
test begin readln(a) ? high readln(b) ?
low swap(a,b) writeln(a)
writeln(b) end.
SCset is built from variables used within
procedure before analysis. SCset (a, low)
,(b, low)
SC of writeln(a) is low
SC of writeln(b) is high.
12
Security Analysis Tool (1/2)
  • Object language Pascal programs
  • A pointer and a structure object are not taken
    into consideration.
  • Implementation of prototype tool
  • The tool is realized in the form of the
    functional addition to Osaka Slicing System,
    which is a slicing tool.
  • An additional part is described by C language.
    (about 1,000 statements)

13
Security Analysis Tool (2/2)
  • Analysis procedure
  • Syntactic analysis,and semantic analysis
  • Information required for analysis is extracted.
  • The precondition of the analysis is set up.
  • SC about the input value of a program
  • Analysis is performed on the precondition.
  • SC of the each output value is obtained.
  • The statements with high SC are
    emphasis-displayed.

14
The example of application
  • The reservation system of ticket (500 statements)
  • The module which certify a credit card number is
    attached.
  • The Analysis is performed by giving high SC to
    the input about a credit card number.

15
The example of application (Analysis result)
  • 35 output statements of 36 output statements have
    high SC.
  • statements with high SC are widely embedded in
    the reservation module
  • The information flow to the reservation module
    from a card number exists.
  • "any possible action in the reservation" implies
    "a success of credit card certification."

16
The example of application
  • change of the structure of the program
  • The system handles the reservation before the
    certification of a credit card.
  • Result
  • Only SC of the output statement about
    certification is high.
  • SC of the output statement of the reservation
    module is low.
  • the information flow from a card number to
    the reservation module disappeared.

17
Conclusion
  • we proposed the implementation method of the
    security analysis algorithm.
  • Realization of Security analysis as an example
    of application of Program Slice.
  • information flow and security class
  • Analysis based on the technique of PDG-creation
  • Realization of a security analysis tool
  • The validity to the safety check of a program was
    verified.

18
(No Transcript)
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Analysis and Implementation Method of Program to Detect Inappropriate Information Leak" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!