In this post I discuss a program security property called noninterference. I motivate why you might like it if your program satisfied noninterference, and show that the property is fundamental to many areas beyond just security. I also explore some programming languages and tools that might help you enforce noninterference, noting that while tainting analysis won’t get you the whole way there, research tools that attempt to do better have their own problems. I conclude with some suggestions for future research, in particular with the idea that testing noninterference may be a practical approach.
Tag Archives: static analysis
What is noninterference, and how do we enforce it?
Filed under Program Analysis, Software Security, Types
Remembering Professor Susan B. Horwitz
[Guest poster Thomas Ball of Microsoft Research remembers his Ph.D. advisor, Professor and programming languages researcher Susan Horwitz, who recently passed away. –Mike]
Filed under Program Analysis, Scientists