Skip to Main Content
This paper describes a compile-time information flow control (IFC) mechanism that certifies secure information flow within the collection of objects accessed by a program. The IFC mechanism is based on the lattice model and certification mechanism of Denning, who proposes the use of the mechanism during the analysis phase of compilation. However, IFC is placed after semantic analysis and before code optimization by ufilizing an intermediate code representation. This reduces the complexity of IFC and allows a degree of language independence. An implentation has been developed for Pascal.