
Combining Abstract Interpretation and Model Checking for Analysing Security Properties of Java Bytecode

Conference paper in: Verification, Model Checking, and Abstract Interpretation (VMCAI 2002). Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2294).

Abstract

We present an approach that enables end-users to prove security properties of Java bytecode by statically analysing the code itself, thus eliminating the run-time check for access permissions. The approach is based on the combination of two well-known techniques: abstract interpretation and model checking. By means of an operational abstract semantics of the bytecode, we build a finite transition system that embodies security information while abstracting from actual values. We then model check this transition system against formulae expressing security properties, using the SMV model checker. A main point of the paper is the definition of the properties that the abstract semantics must satisfy to ensure the absence of security leaks.
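As an added illustration of the pipeline the abstract describes (not the paper's own code or semantics), the following Python builds a finite transition system over security levels for a toy stack bytecode and then checks it for leaks. It assumes a two-level lattice L < H, an invented six-instruction bytecode, and a single property (every public output has level L); the paper's abstract semantics, its SMV formulae and its JVM instruction coverage are not reproduced.

```python
L, H = 0, 1  # assumed two-level security lattice (L = public, H = secret); join is max()
def enter(pc, regions):
    """Drop the branch regions whose join point is pc; return the rest and the pc's level."""
    while regions and regions[-1][0] == pc:
        regions = regions[:-1]
    return regions, max((lvl for _, lvl in regions), default=L)

def successors(prog, state):
    """Abstract successors of state = (pc, stack, env, regions); every value is a level."""
    pc, stack, env, regions = state
    regions, pcl = enter(pc, regions)        # pcl = level of the program counter
    op, *args = prog[pc]
    if op == "push":                         # push a constant of the given level
        return [(pc + 1, stack + (args[0],), env, regions)]
    if op == "load":                         # push variable args[0]
        return [(pc + 1, stack + (env[args[0]],), env, regions)]
    if op == "store":                        # pop into a variable; pcl captures implicit flows
        v = args[0]
        return [(pc + 1, stack[:-1], env[:v] + (max(stack[-1], pcl),) + env[v + 1:], regions)]
    if op == "ifeq":                         # pop the condition; abstractly both branches may run
        regions = regions + ((args[0], max(stack[-1], pcl)),)
        return [(pc + 1, stack[:-1], env, regions), (args[0], stack[:-1], env, regions)]
    if op == "output":                       # pop and emit on the public channel
        return [(pc + 1, stack[:-1], env, regions)]
    return []                                # halt

def build_ts(prog, nvars):
    """Explore every abstract state reachable from the initial state: a finite transition system."""
    init = (0, (), (L,) * nvars, ())
    states, edges, work = {init}, [], [init]
    while work:
        s = work.pop()
        for t in successors(prog, s):
            edges.append((s, t))
            if t not in states:
                states.add(t)
                work.append(t)
    return states, edges

def leaks(prog, nvars):
    """Check AG(output => level L); return pcs of outputs that may carry H data (empty = holds)."""
    bad = set()
    for pc, stack, env, regions in build_ts(prog, nvars)[0]:
        if prog[pc][0] == "output" and max(stack[-1], enter(pc, regions)[1]) == H:
            bad.add(pc)
    return sorted(bad)

# Constructed programs: LEAKY stores into var 0 under a branch on a secret, then outputs var 0.
LEAKY = [("push", H), ("ifeq", 4), ("push", L), ("store", 0), ("load", 0), ("output",), ("halt",)]
SAFE = [("push", H), ("store", 0), ("push", L), ("output",), ("halt",)]
```

Both outcomes of every conditional are explored, so a store executed under a secret condition raises the variable's level; that implicit flow is what the leaky program trips on, while the explicit-flow case is caught by the stack level alone.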




Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

Cite this paper

Bernardeschi, C., De Francesco, N. (2002). Combining Abstract Interpretation and Model Checking for Analysing Security Properties of Java Bytecode. In: Cortesi, A. (eds) Verification, Model Checking, and Abstract Interpretation. VMCAI 2002. Lecture Notes in Computer Science, vol 2294. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47813-2_1

  • DOI: https://doi.org/10.1007/3-540-47813-2_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-43631-7

  • Online ISBN: 978-3-540-47813-3
