Daniel Schoepe, Computer Science and Engineering

Flexible Information-Flow Control

As more and more sensitive data is handled by software, its trustworthiness becomes an increasingly important concern. This thesis presents work on ensuring that information processed by computing systems is not disclosed to third parties without the user's permission, i.e., on preventing unwanted flows of information. While this problem is widely studied, the rigorous information-flow control approaches that have been proposed, which enforce strong security properties like noninterference, have yet to see widespread practical use. Conversely, lightweight techniques such as taint tracking are more prevalent in practice but lack formal underpinnings, making it unclear what guarantees they provide.
This thesis aims to shrink the gap between heavyweight information-flow control approaches that have been proven sound and lightweight practical techniques, such as taint tracking, that come without formal guarantees. It attempts to reconcile these areas by (a) providing formal foundations for taint tracking approaches, (b) extending information-flow control techniques to more realistic languages and settings, and (c) exploring security policies and mechanisms that fall between information-flow control and taint tracking and investigating the trade-offs they incur.
Daniel Schoepe belongs to the Information Security division of Computer Science and Engineering.

Opponent
Prof. Alexander Pretschner, Technische Universität, München, Germany.

Grading committee
Dr. Nataliia Bielova, INRIA Sophia Antipolis-Méditerranée, France.
Prof. Matteo Maffei, Technische Universität Wien, Austria.

Prof. Benoit Baudry, Royal Institute of Technology, Stockholm, Sweden.

Category: Thesis defence
Location: ED, lecture hall,
Starts: 07 December, 2018, 10:00
Ends: 07 December, 2018, 11:00

Published: Thu 25 Oct 2018. Modified: Thu 22 Nov 2018