
Information Flow Analysis for Valued-Indexed Data Security Compartments

  • Conference paper
  • Trustworthy Global Computing (TGC 2013)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 8358)

Abstract

Data-intensive applications, as popularised by cloud computing, raise many security challenges, due to the large number of remote users involved and to multi-tenancy. Frequently, the security compartment associated with data stored in shared containers, such as database tables, is not determined by the static structure of the database schema, but depends on runtime data values, as required to ensure so-called “row-level” security. In this paper, we investigate a programming language approach to these issues, based on a λ-calculus extended with data manipulation primitives. We develop a type-based information flow analysis introducing a notion of value-indexed security labels, representing value-indexed security levels, or compartments. Our results ensure that well-typed programs do not break the confidentiality constraints imposed by a declared security discipline.
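The abstract's idea of value-indexed labels, as an added illustration that is not the paper's calculus or its typing rules: each row of a shared table carries a compartment label indexed by the row's owner value, so a query filtered on `owner == u` is typed `Comp(u)` and may be written to user u's channel, while an unfiltered read of the same table may not. The `docs` schema, the expression forms and the three-point lattice are assumptions made for the example.

```python
"""Value-indexed security labels for row-level compartments (added illustration).

Not the paper's calculus or typing rules: rows of a shared table carry the
label Comp(row[owner]), so a query result's label is indexed by the runtime
value it filters on. Schema, expression forms and lattice are assumptions.
"""
from dataclasses import dataclass

BOT, TOP = "bot", "top"          # public data / data spanning every compartment

@dataclass(frozen=True)
class Comp:
    """Compartment indexed by a value: a literal or a program variable's name."""
    index: str

def join(a, b):
    if a == BOT or b == BOT:
        return b if a == BOT else a
    return a if a == b else TOP  # two distinct compartments are only releasable at TOP

def flows_to(a, b) -> bool:
    return a == BOT or b == TOP or a == b

# Constructed schema: each row of `docs` belongs to the compartment of its `owner`.
SCHEMA = {"docs": {"owner_col": "owner"}}

def label_of(expr, env):
    """Static label of an expression. env maps variable names to labels.
    Forms: ("const", v) | ("var", x) | ("union", e1, e2)
         | ("select", table, where) with where = None or (column, operand_expr)."""
    kind = expr[0]
    if kind == "const":
        return BOT
    if kind == "var":
        return env[expr[1]]
    if kind == "select":
        _, table, where = expr
        if where and where[0] == SCHEMA[table]["owner_col"]:
            operand = where[1]           # filter owner == u: the rows all live in Comp(u)
            return join(Comp(str(operand[1])), label_of(operand, env))
        return TOP                       # unfiltered, or filtered on another column
    if kind == "union":
        return join(label_of(expr[1], env), label_of(expr[2], env))
    raise ValueError(f"unknown expression {kind}")

def check_output(program, env) -> bool:
    """program = ("output", channel_label, expr): accept iff label(expr) flows to channel."""
    _, channel, expr = program
    return flows_to(label_of(expr, env), channel)
```

The refinement happens in the `select` case: the filter's operand becomes the label's index, which is what lets the checker tell user u's rows apart from the table as a whole.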



Acknowledgements

We thank the anonymous reviewers for their insightful comments. This work is supported by CITI, and FCT/MEC under grant SFRH/BD/68801/2010.

Corresponding author: Luísa Lourenço


Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Lourenço, L., Caires, L. (2014). Information Flow Analysis for Valued-Indexed Data Security Compartments. In: Abadi, M., Lluch Lafuente, A. (eds) Trustworthy Global Computing. TGC 2013. Lecture Notes in Computer Science, vol 8358. Springer, Cham. https://doi.org/10.1007/978-3-319-05119-2_11


  • DOI: https://doi.org/10.1007/978-3-319-05119-2_11

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-05118-5

  • Online ISBN: 978-3-319-05119-2

  • eBook Packages: Computer Science (R0)
