Preventing Illicit Information Flow in Networked Computer Games using Security Annotations | Jonas Rabbe
| | Abstract | In networked computer games using a client-server structure, bugs that result in information exposure can be used to cheat.
A programming language allowing the specification of security annotations can be designed specifically for the domain of a given game. Using the classic game Battleships as an example, a language gWhile has been designed which allows annotations following the Decentralized Label Model. The gWhile language includes communication and cryptography for secure communications, as well as other primitives specific to Battleships.
A type system has been designed to verify the information flow of programs in gWhile with respect to the Decentralized Label Model. A simple analysis has also been designed, the Type Matching Communications Analysis, which attempts to match communication statements in a program. | | Keywords | security, language design, information flow controls, the Decentralized Label Model, declassification, complete lattice, type system | | Type | Master's thesis [Academic thesis] | | Year | 2005 | | Publisher | Informatics and Mathematical Modelling, Technical University of Denmark, DTU | | Address | Richard Petersens Plads, Building 321, DK-2800 Kgs. Lyngby | | Series | IMM-Thesis-2005-11 | | Note | Supervised by Prof. Flemming Nielson. | | Electronic version(s) | [pdf] [ps] | | BibTeX data | [bibtex] | | IMM Group(s) | Computer Science & Engineering |
|