
Unwinding Conditions for Security in Imperative Languages

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 3573)

Abstract

We study unwinding conditions for the definition of non-interference properties of a simple imperative language, admitting parallel executions on a shared memory. We present different classes of programs obtained by instantiating a general unwinding framework and show that all the programs in these classes satisfy the non-interference principle. Moreover, we introduce a subclass of secure programs which is compositional with respect to the language constructors and we discuss verification techniques.

This work has been partially supported by the EU Contract IST-2001-32617 and the FIRB project RBAU018RCZ.




Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bossi, A., Piazza, C., Rossi, S. (2005). Unwinding Conditions for Security in Imperative Languages. In: Etalle, S. (eds) Logic Based Program Synthesis and Transformation. LOPSTR 2004. Lecture Notes in Computer Science, vol 3573. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11506676_6


  • DOI: https://doi.org/10.1007/11506676_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26655-6

  • Online ISBN: 978-3-540-31683-1
