Securing class initialization

Keiko Nakata

Institute of Cybernetics

Thursday, 21 January 2010, 14:00
Cybernetica Bldg (Akadeemia tee 21), room B101

Slides from the talk [pdf]

Abstract: Access control, firewalls and encryption are conventional ways to protect the confidentiality of information manipulated by computing systems. They are useful yet not perfect. They protect confidential information for instance by disallowing access to a file by non-authorized users or by preventing communication with the outside. But they do not control how confidential information may be used. In this talk, I will overview a language-based approach to information-flow security, preventing information-leaks due to unsafe manipulation of confidential information. I will introduce the notion of noninterference and present standard security type systems statically enforcing noninterference. Then I will have a closer look at information-flow security due to lazy class initialization. (Joint work with A. Sabelfeld.)

Tarmo Uustalu
Last update 23 May 2010