Abstract
We investigate the issue of typing confidentiality in a language-based information-flow security approach, aiming at improving some previously proposed type systems, especially for higher-order languages with mutable state à la ML. We show that the typing of termination leaks can be largely improved, by particularizing the case where the alternatives in a conditional branching both terminate. Moreover, we also provide a quite precise way of approximating the confidentiality level of an expression, that ignores the level of values used for side-effects only.
Work partially supported by the CRISS project of the ACI Sécurité Informatique.
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Boudol, G. (2005). On Typing Information Flow. In: Van Hung, D., Wirsing, M. (eds) Theoretical Aspects of Computing – ICTAC 2005. ICTAC 2005. Lecture Notes in Computer Science, vol 3722. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11560647_24
DOI: https://doi.org/10.1007/11560647_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29107-7
Online ISBN: 978-3-540-32072-2
eBook Packages: Computer Science (R0)