ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
PrivateFlow: decentralised information flow control in event based middleware
Full text PdfPdf (653 KB)
Source Distributed event-based systems archive
Proceedings of the Third ACM International Conference on Distributed Event-Based Systems table of contents
Nashville, Tennessee
DEMONSTRATION SESSION: Demos table of contents
Article No. 38  
Year of Publication: 2009
ISBN:978-1-60558-665-6
Authors
I. Papagiannis  Imperial College London
M. Migliavacca  Imperial College London
P. Pietzuch  Imperial College London
B. Shand  Clinical and Biomedical Computing Unit
D. Eyers  University of Cambridge
J. Bacon  University of Cambridge
Sponsor
: ACM
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 6,   Downloads (12 Months): 6,   Citation Count: 0
Additional Information:

abstract   references   index terms  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1619258.1619306
What is a DOI?

ABSTRACT

Complex middleware frameworks are made out of interacting components which may include bugs. These frameworks are often extended to provide additional features by third-party extensions that may not be completely trusted and, as a result, compromise the security of the whole platform. Aiming to minimize these problems, we propose a demonstration of PrivateFlow, a publish/subscribe prototype supported by Decentralized Information Flow Control (DIFC). DIFC is a taint-tracking mechanism that can prevent components from leaking information. We will showcase a simple deployment of PrivateFlow that incorporates third-party untrusted components. In our demonstration, one of these components will try to leak sensitive information about the system's operation and it will fail once DIFC is activated.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
M. Krohn, A. Yip, et al. Information flow control for standard OS abstractions. In SOSP '07: Proceedings, pages 321--334, New York, NY, USA, 2007. ACM.
 
2
A. Myers and B. Liskov. Protecting privacy using the decentralized label model. A CM Trans. Softw. Eng. Methodol., 9(4):410--442, 2000.
 
3
S. Vandebogart, P. Efstathopoulos, E. Kohler, et al. Labels and event processes in the Asbestos operating system. ACM Trans. Comput. Syst., 25(4):11, 2007.

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Information flow controls

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General
          Subjects: Data communications
      C.2.4 Distributed Systems


General Terms:
Design, Experimentation, Measurement, Performance, Security


The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player