Abstract

Securing the confidentiality and integrity of information manipulated by computer software is an old yet increasingly important problem. Current software permission systems present on Android or iOS provide inadequate support for developing applications with secure information flow policies. To be useful, information flow control policies need to specify declassifications and the conditions under which declassification must occur. Having these declassifications scattered all over the program makes policies hard to find, which makes auditing difficult. To overcome these challenges, a policy specification language, 'Evidently' is discussed that allows one to specify information flow control policies separately from the program and which supports conditional gradual releases that can be automatically enforced. I discuss the Evidently grammar and modular semantics in detail. Finally, I discuss the implementational details of Evidently compiler within the Xtext language development environment and the implementation's enforcement of policies.

Graduation Date

2018

Semester

Summer

Advisor

Leavens, Gary

Degree

Master of Science (M.S.)

College

College of Engineering and Computer Science

Department

Computer Science

Degree Program

Computer Science

Format

application/pdf

Identifier

CFE0007244

URL

http://purl.fcla.edu/fcla/etd/CFE0007205

Language

English

Release Date

August 2018

Length of Campus-only Access

None

Access Status

Masters Thesis (Open Access)

Share

COinS