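% Extended abstract on tool support (the C-CorC IDE) for deriving programs that
% satisfy information flow policies by construction.
% The page range was stored in `chapter`; it is now in `pages` with an en-dash range.
% The DOI is stored bare, without the https://doi.org/ resolver prefix.
% NOTE(review): the DOI prefix 10.1145 belongs to ACM; confirm that the journal
% name below matches the venue the DOI resolves to.
@article{263,
  author   = {Runge, T. and Schaefer, I. and Knuppel, A. and Cleophas, L. G. W. A. and Kourie, D. G. and Watson, Bruce},
  title    = {Tool Support for Confidentiality-by-Construction},
  journal  = {Ada User Journal},
  volume   = {38},
  pages    = {64--68},
  year     = {2019},
  doi      = {10.1145/3375408.3375413},
  abstract = {In many software applications, it is necessary to preserve confidentiality of information. Therefore, security mechanisms are needed to enforce that secret information does not leak to unauthorized users. However, most language-based techniques that enable information flow control work post-hoc, deciding whether a specific program violates a confidentiality policy. In contrast, we proposed in previous work a refinement-based approach to derive programs that preserve confidentiality-by-construction. This approach follows the principles of Dijkstra’s correctness-by-construction. In this extended abstract, we present the implementation and tool support of that refinement-based approach allowing to specify the information flow policies first and to create programs in a simple while language which comply to these policies by construction. In particular, we present the idea of confidentiality-by-construction using an example and discuss the IDE C-CorC supporting this development approach.},
}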