Information Flow Is Linear Refinement of Constancy

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 3722)

Abstract

Detecting information flows inside a program is useful to check non-interference of program variables, an important aspect of software security. Information flows have been computed in the past by using abstract interpretation over an abstract domain IF which expresses sets of flows. In this paper we reconstruct IF as the linear refinement CC of a basic domain C expressing constancy of program variables. This is important since we also show that CC, and hence IF, is closed w.r.t. linear refinement, and is hence optimal and condensing. As a consequence, a compositional, input-independent static analysis over IF has the same precision as a non-compositional, input-driven analysis. Moreover, we show that CC has a natural representation in terms of Boolean formulas, efficiently implementable through binary decision diagrams.


Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Spoto, F. (2005). Information Flow Is Linear Refinement of Constancy. In: Van Hung, D., Wirsing, M. (eds) Theoretical Aspects of Computing – ICTAC 2005. ICTAC 2005. Lecture Notes in Computer Science, vol 3722. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11560647_23

  • DOI: https://doi.org/10.1007/11560647_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-29107-7

  • Online ISBN: 978-3-540-32072-2

  • eBook Packages: Computer Science (R0)
