Conference Papers: Tool Demonstration: JOANA

[demojoana16]

Jürgen Graf, Martin Hecker, Martin Mohr, Gregor Snelting, Tool Demonstration: JOANA, Piessens, Frank and Vigan{\`o}, Luca (Ed.), Principles of Security and Trust - 5th International Conference, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April 2-8, 2016, Proceedings, pp. 89--93, Springer Berlin Heidelberg, 2016.

Abstract

JOANA is a tool for information flow control, which can handle full Java with unlimited threads and scales to ca. 100kLOC. JOANA uses a new algorithm for checking probabilistic noninterference, named RLSOD. JOANA uses a stack of sophisticated program analysis techniques which minimise false alarms. JOANA is open source (joana.ipd.kit.edu) and offers an Eclipse GUI as well as an API. The current tool demonstration paper concentrates on JOANA's precision. Effects of flow-sensitivity, context-sensitivity, and object-sensitivity are explained, as well as precision gains from the new RLSOD criterion.

Download

[PDF]

[DOI]

Original article available at springerlink.com.

BibTeX

@inproceedings{demojoana16,
  title = {Tool Demonstration: JOANA},
  booktitle = {Principles of Security and Trust - 5th International Conference, POST
        2016, Held as Part of the European Joint Conferences on Theory and
        Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April
        2-8, 2016, Proceedings},
  year = {2016},
  publisher = {Springer Berlin Heidelberg},
  volume = {9635},
  pages = {89--93},
  author = {J{\"u}rgen Graf and Martin Hecker and Martin Mohr and Gregor Snelting},
  editor = {Piessens, Frank and Vigan{\`o}, Luca},
  series = {Lecture Notes in Computer Science},
  doi = {10.1007/978-3-662-49635-0_5},
}

Authors at the institute

Department Head
Prof. Gregor Snelting

Former Staff Member
Dr.-Ing. Jürgen Graf
Dr.-Ing. Martin Hecker
Dr.-Ing. Martin Mohr

Projects

Project

IFC for Mobile Components

VALSOFT/Joana