Information flow control of component-based distributed systems



Noninterference is a strong security policy that enforces confidentiality and integrity. The literature offers many solutions for verifying this policy in programs, but few tools that implement it. In this paper, we define a high-level model called Component Information Flow, and we develop tools that simplify the development and deployment of secure distributed systems.

The developer focuses on the functional part of the system and defines its security properties through a high-level configuration. When this configuration is validated, that is, when no security leak is detected, the system's security code is generated. To validate our approach and demonstrate its effectiveness, we apply the Component Information Flow tools to a classical Web service use case. Copyright © 2012 John Wiley & Sons, Ltd.