Implementing a type system for secure information-flow. Potential security risks

Inhaltsverzeichnis (Table of Contents)

• Introduction and Objectives
• Introduction
• Background
• Objectives
• Beneficiaries and personal objectives
• Work plan
• Report structure
• Context
• Method of literature review
• Compiler functionality
• Overview and difference to interpreters
• Lexical and syntactic analysis
• Semantic analysis
• Terminology of Type
• Variables and types
• Type systems
• Principal type and principal typing
• Type rules
• Dynamic checking
• Subtyping
• Flow-sensitive typing
• Gradual typing
• Information flow security problem
• Security goals
• Issues of standard solutions
• Security classes
• Dynamic and static enforcement mechanisms
• Non-interference of information flows
• Security type systems and their features
• Covert channels
• Alternatives to non-interference
• Methods
• Development methodology
• Development tools
• Software objects that were provided
• Informal description of the While language
• Verification and validation
• Results
• Selection of type system
• Evolution 1: AST printer and harnessing the visitor pattern
• Evolution 2: AST printer for procedures
• Evolution 3: Dependency map implementation and unit testing
• Evolution 4: Security type system implementation
• Termination Principal
• Flow Principal
• Evolution 5: Procedure typings
• Input parameter dependencies
• Output parameter dependencies
• Procedure body dependencies
• Final typing
• Recursive procedure calls
• Evolution 6: Fixed type-checking algorithm
• Evolution 7: Test programs and performance
• Discussion
• Verification, validation and complexity
• Architectural limitations and alternative designs
• Discussion with attention to real-life scenarios
• Feasibility or impracticability of a security type system for SAP
• Evaluation, Reflections, and Conclusions
• Project Evaluation
• Further work

Zielsetzung und Themenschwerpunkte (Objectives and Key Themes)

This project aims to develop and implement a prototype security type system for a simple programming language, focusing on preventing confidential information leaks in program code. The project leverages existing research on security type systems and their application in enforcing information flow policies. The work also explores the feasibility of adapting such a system for use within SAP enterprise resource management systems.

• Information flow analysis and its role in securing applications
• Design and implementation of a security type system for a simple programming language
• Evaluation of the type system's effectiveness in preventing information leaks
• Exploration of the feasibility of applying a security type system to real-world scenarios, particularly within SAP systems
• Discussion of architectural limitations and potential alternative designs

Zusammenfassung der Kapitel (Chapter Summaries)

• Introduction and Objectives: This chapter sets the stage for the project, outlining the importance of information flow security and introducing the concept of security type systems. It also details the project's objectives and the scope of the work.
• Context: This chapter provides essential background information, covering key concepts related to compiler functionality, type systems, and information flow security. It delves into the challenges of traditional security measures and highlights the significance of non-interference in ensuring data confidentiality.
• Methods: This chapter discusses the methodology and tools used in the project. It provides an overview of the development process, the programming language used, and the software objects provided for the implementation.
• Results: This chapter details the implementation process and the evolution of the security type system. It covers various stages of development, including the design and implementation of the dependency map and the security type system itself.
• Discussion: This chapter analyzes the results of the project, evaluating the effectiveness of the developed security type system and discussing its potential applications in real-world scenarios. It explores architectural limitations and proposes alternative designs for addressing them. It also examines the feasibility of applying the type system to SAP systems.

Schlüsselwörter (Keywords)

The primary focus of this project is on information flow analysis and the development of a security type system for a simple programming language. Key concepts include end-to-end security, confidentiality, non-interference, and the feasibility of adapting the system for use in SAP enterprise resource management systems. The project leverages existing research on security type systems and their application in enforcing information flow policies.