Skip to main content
SpringerLink
Log in
Book cover

Models, Languages, and Tools for Concurrent and Distributed Programming pp 455–470Cite as

Lightweight Information Flow

  • Chapter
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 11665))

Abstract

We develop a type system for identifying the information flow between variables in a program in the Guarded Commands language. First we characterise the types of information flow that may arise between variables in a non-deterministic program: explicit, implicit, bypassing, correlated or sanitised. Next we allow to specify security policies in a number of traditional ways based on mandatory access control: defining a security lattice, working with components or decentralised labels, both as pertains to confidentiality and integrity. Offending information flows are those identified by the type system and that violate the security policy; a program is sufficiently secure if it contains only acceptable information flows.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Bernardo, M., De Nicola, R., Loreti, M.: Revisiting bisimilarity and its modal logic for nondeterministic and probabilistic processes. Acta Inf. 52(1), 61–106 (2015)

    Article  MathSciNet  Google Scholar 

  2. Bettini, L., De Nicola, R., Pugliese, R.: XKlaim and Klava: programming mobile code. Electr. Notes Theor. Comput. Sci. 62, 24–37 (2001)

    Article  Google Scholar 

  3. Boreale, M., De Nicola, R.: Testing equivalence for mobile processes. Inf. Comput. 120(2), 279–303 (1995)

    Article  MathSciNet  Google Scholar 

  4. de Moura, L., Bjørner, N.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78800-3_24

    Chapter  Google Scholar 

  5. De Nicola, R.: Testing equivalences and fully abstract models for communicating systems. Ph.D. thesis, University of Edinburgh, UK (1986)

    Google Scholar 

  6. De Nicola, R., Ferrari, G.L., Pugliese, R.: KLAIM: a kernel language for agents interaction and mobility. IEEE Trans. Softw. Eng 24(5), 315–330 (1998)

    Article  Google Scholar 

  7. De Nicola, R., Ferrari, G.L., Pugliese, R., Venneri, B.: Types for access control. Theor. Comput. Sci. 240(1), 215–254 (2000)

    Article  MathSciNet  Google Scholar 

  8. De Nicola, R., et al.: From flow logic to static type systems for coordination languages. Sci. Comput. Program. 75(6), 376–397 (2010)

    Article  MathSciNet  Google Scholar 

  9. De Nicola, R., Gorla, D., Pugliese, R.: On the expressive power of Klaim-based calculi. Theor. Comput. Sci. 356(3), 387–421 (2006)

    Article  MathSciNet  Google Scholar 

  10. De Nicola, R., Hennessy, M.: Testing equivalences for processes. Theor. Comput. Sci. 34, 83–133 (1984)

    Article  MathSciNet  Google Scholar 

  11. De Nicola, R., Katoen, J.-P., Latella, D., Loreti, M., Massink, M.: Model checking mobile stochastic logic. Theor. Comput. Sci. 382(1), 42–70 (2007)

    Article  MathSciNet  Google Scholar 

  12. De Nicola, R., Vaandrager, F.W.: Three logics for branching bisimulation. J. ACM 42(2), 458–487 (1995)

    Article  MathSciNet  Google Scholar 

  13. Denning, D.E.: A lattice model of secure information flow. Commun. ACM 19(5), 236–243 (1976)

    Article  MathSciNet  Google Scholar 

  14. Denning, D.E., Denning, P.J.: Certification of programs for secure information flow. Commun. ACM 20(7), 504–513 (1977)

    Article  Google Scholar 

  15. Dijkstra, E.W.: Guarded commands, nondeterminacy and formal derivation of programs. Commun. ACM 18(8), 453–457 (1975)

    Article  MathSciNet  Google Scholar 

  16. Goguen, J.A., Meseguer, J.: Security policies and security models. In: 1982 IEEE Symposium on Security and Privacy, Oakland, CA, USA, 26–28 April 1982, pp. 11–20. IEEE Computer Society (1982)

    Google Scholar 

  17. Gollmann, D.: Computer Security, 3rd edn. Wiley, Hoboken (2011)

    Google Scholar 

  18. Myers, A.C., Liskov, B.: Protecting privacy using the decentralized label model. ACM Trans. Softw. Eng. Methodol. 9(4), 410–442 (2000)

    Article  Google Scholar 

  19. Flemming Nielson and Hanne Riis Nielson: Atomistic Galois insertions for flow sensitive integrity. Comput. Lang. Syst. Struct. 50, 82–107 (2017)

    MATH  Google Scholar 

  20. Nielson, F., Nielson, H.R.: Formal Methods: An Appetizer. Springer, Cham (2019)

    MATH  Google Scholar 

  21. Nielson, F., Nielson, H.R., Vasilikos, P.: Information flow for timed automata. In: Aceto, L., Bacci, G., Bacci, G., Ingólfsdóttir, A., Legay, A., Mardare, R. (eds.) Models, Algorithms, Logics and Tools. LNCS, vol. 10460, pp. 3–21. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63121-9_1

    Chapter  Google Scholar 

  22. Nielson, H.R., Nielson, F.: Content dependent information flow control. J. Log. Algebr. Meth. Program. 87, 6–32 (2017)

    Article  MathSciNet  Google Scholar 

  23. Volpano, D.M., Irvine, C.E.: Secure flow typing. Comput. Secur. 16(2), 137–144 (1997)

    Article  Google Scholar 

  24. Volpano, D.M., Irvine, C.E., Smith, G.: A sound type system for secure flow analysis. J. Comput. Secur. 4(2/3), 167–188 (1996)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Mathematics and Computer Science, Technical University of Denmark, 2800 Kgs., Lyngby, Denmark

    Flemming Nielson & Hanne Riis Nielson

Authors
  1. Flemming Nielson
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hanne Riis Nielson
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Flemming Nielson .

Editor information

Editors and Affiliations

  1. Department of Statistics, Computer Science, Applications, University of Florence, Florence, Italy

    Michele Boreale

  2. School of Science and Technology, University of Camerino, Camerino, Italy

    Flavio Corradini

  3. School of Science and Technology, University of Camerino, Camerino, Italy

    Michele Loreti

  4. Department of Statistics, Computer Science, Applications, University of Florence, Florence, Italy

    Rosario Pugliese

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Nielson, F., Nielson, H.R. (2019). Lightweight Information Flow. In: Boreale, M., Corradini, F., Loreti, M., Pugliese, R. (eds) Models, Languages, and Tools for Concurrent and Distributed Programming. Lecture Notes in Computer Science(), vol 11665. Springer, Cham. https://doi.org/10.1007/978-3-030-21485-2_25

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-21485-2_25

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-21484-5

  • Online ISBN: 978-3-030-21485-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation