Towards Fully Automatic Logic-Based Information Flow Analysis: An Electronic-Voting Case Study
Quoc Huy Do, Eduard Kamburjan, and Nathan Wasser
Logic-based information flow analysis approaches generally are high precision, but lack automatic ability in the sense that they demand user interactions and user-defined specifications. To overcome this obstacle, we propose an approach that combines the strength of two available logic-based tools based on the KeY theorem prover: the KEG tool that detects information flow leaks for Java programs and a specification generation tool utilizing abstract interpretation on program logic. As a case study, we take a simplified e-voting system and show that our approach can lighten the user’s workload considerably, while still keeping high precision.