<aside> 💡 Key Points

• Concept of information flow security
• Confidentiality and integrity
• Explicit flows and covert channels
• Use taint analysis to detect unwanted information flow </aside>

<aside> 📖 Security

Achieving some goals in the precence of adversaries

</aside>

I. Information Flow Security

1. Access Control

Access control

• Concerns how information is accessed

Information flow security

• Concerns how information is propagated

A practical system needs both access and flow control to satisfy all security requirements. — D. Denning, 1976

2. Information Flow

<aside> 💡 Information flow: if the information in variable $x$ is transferred to variable $y$, then there is information flow $x → y$

</aside>

We can connect information flow to security, by:

1. Classify program variables into different security levels
2. Specify permissible flows between these levels, i.e., information flow policy

3. Security Levels

Security levels can be modeled as lattice

The most basic model is two-level policy, for example:

1. H, representing high security