Daniel Schoepe, Computer Science and Engineering
Flexible Information-Flow Control
As more and more sensitive data is handled by software, its trustworthiness
becomes an increasingly important concern. This thesis presents work on ensuring
that information processed by computing systems is not disclosed to third
parties without the user's permission, that is, on preventing unwanted flows of
information. While this problem is widely studied, proposed rigorous
information-flow control approaches that enforce strong security
properties like noninterference have yet to see widespread practical use.
Conversely, lightweight techniques such as taint tracking are more prevalent in
practice, but lack formal underpinnings, making it unclear what guarantees they
This thesis aims to shrink the gap between heavyweight information-flow control
approaches that have been proven sound and lightweight practical techniques,
such as taint tracking, that lack formal guarantees. This thesis attempts to
reconcile these areas by (a) providing formal foundations to taint tracking
approaches, (b) extending information-flow control techniques to more realistic
languages and settings, and (c) exploring security policies and mechanisms that
fall in between information-flow control and taint tracking and investigating what
trade-offs they incur.
Daniel Schoepe belongs to the Information Security division at the Department of Computer Science and Engineering.
Prof. Alexander Pretschner, Technische Universität, München, Germany.
Dr. Nataliia Bielova, INRIA Sophia Antipolis-Méditerranée, France.
Prof. Matteo Maffei, Technische Universität Wien, Austria.
Prof. Benoit Baudry, Royal Institute of Technology, Stockholm, Sweden.
ED, lecture hall,