Authors

Abstract

The static analysis of secure information flow has been studied for many years. The existing methods tend to be overly conservative or to be overly attention to location information leak. This paper uses data flow analysis to deal with secure information flow. Two variables of dynamic update security levels were introduced. The program is secure without any variable of downgrade security level at exit of a program. The analysis can deal with more secure programs. The soundness of the analysis is proved.