Tool-Supported Architecture-Based Data Flow Analysis for Confidentiality
Felix Schwickerath, Nicolas Boltz, Sebastian Hahner, Maximilian Walter, Christopher Gerking, Robert Heinrich

TL;DR
This paper presents a Java-based tool that leverages software architecture to perform data flow analysis for estimating system confidentiality at design time, aiming to improve scalability and scenario analysis compared to existing methods.
Contribution
The authors reimplemented a data flow confidentiality analysis as a Java tool that utilizes architecture information to identify access violations, enhancing analysis scalability.
Findings
The tool can analyze similar scenarios effectively.
It scales better for certain scenarios than existing analysis methods.
The approach facilitates confidentiality estimation during design.
Abstract
Through the increasing interconnection between various systems, the need for confidential systems is increasing. Confidential systems share data only with authorized entities. However, estimating the confidentiality of a system is complex, and adjusting already deployed software is costly. Thus, it is helpful to have confidentiality analyses, which can estimate the confidentiality already at design time. Based on an existing data-flow-based confidentiality analysis concept, we reimplemented a data flow analysis as a Java-based tool. The tool uses the software architecture to identify access violations based on the data flow. The evaluation for our tool indicates that we can analyze similar scenarios and scale for certain scenarios better than the existing analysis.
Taxonomy
Topics: Information and Cyber Security · Security and Verification in Computing · Access Control and Trust
