Abstract
Security-typed languages enforce secrecy or integrity policies by type-checking. This paper investigates continuation-passing style as a means of proving that such languages enforce non-interference and as a first step towards understanding their compilation. We present a low-level, secure calculus with higher-order, imperative features. Our type system makes novel use of ordered linear continuations.
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
Cite this paper
Zdancewic, S., Myers, A.C. (2001). Secure Information Flow and CPS. In: Sands, D. (eds) Programming Languages and Systems. ESOP 2001. Lecture Notes in Computer Science, vol 2028. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45309-1_4
DOI: https://doi.org/10.1007/3-540-45309-1_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41862-7
Online ISBN: 978-3-540-45309-3
eBook Packages: Springer Book Archive