The objectives of this project are to design, implement and systematically demonstrate a chosen type system considering reliability, performance, and scalability. Furthermore, it aims to determine the limitations of the implementation and alternative architectural designs, to evaluate the extent to which the developed prototype scales up to real-life scenarios and to investigate the feasibility of a similar security type system for SAP systems.
Standard security practices, such as access controls, do not sufficiently assure the secure end-to-end behaviour of an application. Any program flaw, however small, poses a potential security risk. Static information flow analysis checks a program at compile time for leaks of confidential information into public data containers.
The aim of this design-and-build project is a prototype implementation of a security type system for a simple demonstrative language that effectively prevents programs from leaking confidential information. The project builds on existing research into security type systems as a means of enforcing information flow policies in a program. The results are discussed not only in terms of validity but also with regard to the feasibility of a similar security type system for SAP enterprise resource management systems.
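To illustrate the kind of compile-time check such a security type system performs, here is an added example (written for this page, not the thesis's own implementation): a minimal checker in the style of Volpano and Smith for a tiny While language with two security classes, L (public) and H (secret). The tuple encoding of the abstract syntax and the two-point lattice are assumptions of this example; it rejects explicit and implicit flows from H to L and does not consider termination channels.

```python
# Added example (not code from the thesis): a minimal Volpano-Smith style
# security type checker for a tiny While language with two security classes,
# L (public) and H (secret). Programs are nested tuples constructed here.
ORDER = {"L": 0, "H": 1}           # two-point lattice L <= H

def join(a, b):
    """Least upper bound of two security levels."""
    return a if ORDER[a] >= ORDER[b] else b

def expr_level(e, env):
    """An expression is as secret as the most secret variable it reads."""
    if isinstance(e, int):         # literal: public
        return "L"
    if isinstance(e, str):         # variable reference
        return env[e]
    lvl = "L"                      # operator node: ("+", e1, e2), ("<", e1, e2), ...
    for arg in e[1:]:
        lvl = join(lvl, expr_level(arg, env))
    return lvl

def check(cmd, env, pc="L"):
    """True iff cmd is well typed under program-counter label pc.

    pc is the join of all enclosing branch/loop guards; an assignment is only
    allowed if join(level(rhs), pc) <= level(target), which rejects both
    explicit flows (l := h) and implicit flows (if h then l := 1)."""
    kind = cmd[0]
    if kind == "skip":
        return True
    if kind == "assign":           # ("assign", x, e)  means  x := e
        _, x, e = cmd
        return ORDER[join(expr_level(e, env), pc)] <= ORDER[env[x]]
    if kind == "seq":              # ("seq", c1, c2, ...)
        return all(check(c, env, pc) for c in cmd[1:])
    if kind in ("if", "while"):    # ("if", e, c1, c2) / ("while", e, body)
        guard = join(pc, expr_level(cmd[1], env))
        return all(check(c, env, guard) for c in cmd[2:])
    raise ValueError(f"unknown command {kind!r}")

# Constructed sample programs; h is secret, l is public.
ENV = {"h": "H", "l": "L"}
EXPLICIT_LEAK = ("assign", "l", "h")                                   # l := h
IMPLICIT_LEAK = ("if", ("<", 0, "h"), ("assign", "l", 1), ("skip",))    # if 0 < h then l := 1
SAFE = ("seq", ("assign", "h", ("+", "l", 1)),                          # h := l + 1
       ("while", ("<", "l", 10), ("assign", "l", ("+", "l", 1))))       # while l < 10 do l := l + 1

if __name__ == "__main__":
    for name, prog in (("explicit", EXPLICIT_LEAK), ("implicit", IMPLICIT_LEAK), ("safe", SAFE)):
        print(name, "accepted" if check(prog, ENV) else "rejected")
```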
Society relies heavily on software-intensive systems in all facets of life. Information is processed automatically in automobiles, phones, fridges, and countless web servers. Much of that information is personal data that can identify an individual, such as their name, biometric records, or email address. Intellectual property and confidential information are handled in mission-critical military, governmental, medical and business applications. Building trust in the way systems handle data is therefore a crucial aspect of software architecture design.
Table of Contents
- Introduction and Objectives
  - Introduction
  - Background
  - Objectives
  - Beneficiaries and personal objectives
  - Work plan
  - Report structure
- Context
  - Method of literature review
  - Compiler functionality
    - Overview and difference to interpreters
    - Lexical and syntactic analysis
    - Semantic analysis
  - Terminology of Type
    - Variables and types
    - Type systems
    - Principal type and principal typing
    - Type rules
    - Dynamic checking
    - Subtyping
    - Flow-sensitive typing
    - Gradual typing
  - Information flow security problem
    - Security goals
    - Issues of standard solutions
    - Security classes
    - Dynamic and static enforcement mechanisms
    - Non-interference of information flows
    - Security type systems and their features
    - Covert channels
    - Alternatives to non-interference
- Methods
  - Development methodology
  - Development tools
  - Software objects that were provided
  - Informal description of the While language
  - Verification and validation
- Results
  - Selection of type system
  - Evolution 1: AST printer and harnessing the visitor pattern
  - Evolution 2: AST printer for procedures
  - Evolution 3: Dependency map implementation and unit testing
  - Evolution 4: Security type system implementation
    - Termination Principal
    - Flow Principal
  - Evolution 5: Procedure typings
    - Input parameter dependencies
    - Output parameter dependencies
    - Procedure body dependencies
    - Final typing
    - Recursive procedure calls
  - Evolution 6: Fixed type-checking algorithm
  - Evolution 7: Test programs and performance
- Discussion
  - Verification, validation and complexity
  - Architectural limitations and alternative designs
  - Discussion with attention to real-life scenarios
  - Feasibility or impracticability of a security type system for SAP
- Evaluation, Reflections, and Conclusions
  - Project Evaluation
  - Further work
Objectives and Key Themes
This project aims to develop and implement a prototype security type system for a simple programming language, focusing on preventing confidential information leaks in program code. The project leverages existing research on security type systems and their application in enforcing information flow policies. The work also explores the feasibility of adapting such a system for use within SAP enterprise resource management systems.
- Information flow analysis and its role in securing applications
- Design and implementation of a security type system for a simple programming language
- Evaluation of the type system's effectiveness in preventing information leaks
- Exploration of the feasibility of applying a security type system to real-world scenarios, particularly within SAP systems
- Discussion of architectural limitations and potential alternative designs
Chapter Summaries
- Introduction and Objectives: This chapter sets the stage for the project, outlining the importance of information flow security and introducing the concept of security type systems. It also details the project's objectives and the scope of the work.
- Context: This chapter provides essential background information, covering key concepts related to compiler functionality, type systems, and information flow security. It delves into the challenges of traditional security measures and highlights the significance of non-interference in ensuring data confidentiality.
- Methods: This chapter discusses the methodology and tools used in the project. It provides an overview of the development process, the programming language used, and the software objects provided for the implementation.
- Results: This chapter details the implementation process and the evolution of the security type system. It covers various stages of development, including the design and implementation of the dependency map and the security type system itself.
- Discussion: This chapter analyzes the results of the project, evaluating the effectiveness of the developed security type system and discussing its potential applications in real-world scenarios. It explores architectural limitations and proposes alternative designs for addressing them. It also examines the feasibility of applying the type system to SAP systems.
Keywords
The primary focus of this project is on information flow analysis and the development of a security type system for a simple programming language. Key concepts include end-to-end security, confidentiality, non-interference, and the feasibility of adapting the system for use in SAP enterprise resource management systems. The project leverages existing research on security type systems and their application in enforcing information flow policies.
Cite as: Dominik Kropp (Author), 2019, Implementing a type system for secure information-flow. Potential security risks, Munich, GRIN Verlag, https://www.grin.com/document/962215