Computer systems are monitored to check the performance or verified to check the correctness of the software systems with respect to security properties, such as integrity, availability and confidentiality. The more sensitive the information such as credit card information, military information or personal medical information being processed by the software, the more necessary and important to monitor and control the flow of the sensitive information. Monitoring and controlling untrusted program to ensure the information confidentiality during runtime in an environment, where confidential information is presented, is difficult and unnerving. The issue is how to monitor and control the flow of the confidential information at runtime of untrusted program. In this paper, we present a novel runtime verification approach for monitoring and controlling information flow that supports user interaction with running program.
ASJC Scopus subject areas