Certified Information Flow Security
Overview
People
Outcome
Overview
The major aim is to build certified secure systems with respect to information flow. RWFM ( readers writers flow model) is a model developed by us towards decentralised inflow flow security. RWFM is a robust decentralised model that has declassification operations and is complete with respect to Denning’s lattice. Using this model, we have proposed/built (i) Information Flow Secure Linux, (ii) A language based security platform for guaranteeing information flow security of programs, (iii) a sound semantics for non-interference freedom, (iv) generalisation of information flow security for concurrent programs, (v) security certification of SPARK Programs, (vi) information flow analysis for ABAC ( attribute access control) (vii) application for privacy preserving Hadoop etc.
We have also been working on security assessment blockchain systems and arriving at guidelines for a practitioner, developing a platform for vulnerability analysis of smart contracts in Solidity and analysis of privacy
Active from 2016 to 2023
Funding: MEITY, WIPRO
Funding: MEITY, WIPRO
People
Outcome
- Radhika, B. S., NV Narendra Kumar, R. K. Shyamasundar, and Parjanya Vyas, “Consistency Analysis and Flow Secure Enforcement of SELinux Policies”, Computers & Security* (2020): 101816, March 2020.
- Parjanya Vyas and RK Shyamasundar, “SPLinux: An Information Flow Secure Linux” The 14th IEEE International Conference on Security, Privacy, and Anonymity in Computation, Communication , and Storage (IEEE SpaCCS 2021). September 30-October 3, New York, USA.
- Radhika, B. S., NV Narendra Kumar and R. K. Shyamasundar, “Towards Unifying RBAC with Information Flow Control”, ACM Symposium on Access Control Models and Technologies (SACMAT), June 16-18, 2021
- Sandip Ghosal, and R. K. Shyamasundar, “An Axiomatic Approach to Detect Information Leaks in Concurrent Programs”, Proceedings of 43rd International Conference on Software Engineering, (ICSE-NIER’21), Madrid, Spain, May 2021
- Sandip Ghosal, RK Shyamasundar, “Information Flow Security Certification for SPARK Programs”, IFIP Annual Conference on Data and Applications Security and Privacy, DBSec 2020, June 25-26, 2020.
- RK Shyamasundar, NV Narendra Kumar, Abhijit Taware, Parjanya Vyas, “An Experimental Flow Secure File System”, The 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications, 1-3 Aug 2018.
- 35. NV Narendra Kumar and RK Shyamasundar, “A complete Generative Label Model for Lattice-based Access control Models”, 15th International Conference on Software Engineering and Formal Methods, SEFM 2017, Trento, Italy, Sept 4-8 2017, LNCS 10469, 35-53
- 1. NV Narendra Kumar and RKS, A Decentralized Information flow Security Model for Multilevel Security and Privacy Domains, Granted US Patent 9,507,929 B1, Granted 29 Nov 2016
