The Impact of Synchronisation on Secure Information Flow in Concurrent Programs

  • Conference paper
Perspectives of System Informatics (PSI 2001)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2244)

Abstract

Synchronisation is fundamental to concurrent programs. This paper investigates the security of information flow in multi-threaded programs in the presence of synchronisation. We give a small-step operational semantics for a simple shared-memory multi-threaded language with synchronisation, and present a compositional timing-sensitive bisimulation-based confidentiality specification. We propose a type-based analysis improving on previous approaches to reject potentially insecure programs.


© 2001 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Sabelfeld, A. (2001). The Impact of Synchronisation on Secure Information Flow in Concurrent Programs. In: Bjørner, D., Broy, M., Zamulin, A.V. (eds) Perspectives of System Informatics. PSI 2001. Lecture Notes in Computer Science, vol 2244. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45575-2_22

  • DOI: https://doi.org/10.1007/3-540-45575-2_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-43075-9

  • Online ISBN: 978-3-540-45575-2

  • eBook Packages: Springer Book Archive
