
Hoare Logic for Disjunctive Information Flow

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 9465))

Abstract

Information flow control extends access control by not only regulating who is allowed to access what data but also the subsequent use of the data accessed. Applications within communication networks require such information flow control to depend on the actual data. For a concurrent language with synchronous communication and separate data domains we develop a Hoare logic for enforcing disjunctive information flow policies. We establish the soundness of the Hoare logic with respect to an operational semantics and illustrate the development on a running example.

Acknowledgement

We are supported by IDEA4CPS (DNRF 86-10) and benefitted from discussions with Michael Paulitsch and Kevin Müller from Airbus.

Corresponding author: Flemming Nielson

Copyright information

© 2015 Springer International Publishing Switzerland

Cite this chapter

Nielson, H.R., Nielson, F., Li, X. (2015). Hoare Logic for Disjunctive Information Flow. In: Bodei, C., Ferrari, G., Priami, C. (eds) Programming Languages with Applications to Biology and Security. Lecture Notes in Computer Science(), vol 9465. Springer, Cham. https://doi.org/10.1007/978-3-319-25527-9_6

  • DOI: https://doi.org/10.1007/978-3-319-25527-9_6

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-25526-2

  • Online ISBN: 978-3-319-25527-9

  • eBook Packages: Computer Science (R0)