Sanitizing Sensitive Data: How to Get It Right (or at Least Less Wrong…)

Chapman, Roderick

doi:10.1007/978-3-319-60588-3_3

Roderick Chapman ORCID: orcid.org/0000-0003-2717-760X¹⁵

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 10300))

Included in the following conference series:

Ada-Europe International Conference on Reliable Software Technologies

562 Accesses
3 Citations

Abstract

Coding standards and guidance for secure programming call for sensitive data to be “sanitized” before being de-allocated. This paper considers what this really means in technical terms, why it is actually rather difficult to achieve, and how such a requirement can be realistically implemented and verified, concentrating on the facilities offered by Ada and SPARK. The paper closes with a proposed policy and coding standard that can be applied and adapted to other projects.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 44.99; Price excludes VAT (USA)

Softcover Book: USD 59.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

CESG. Coding Requirements and Guidance (IA Developers’ Note 6), CESG, Issue 1.1, October 2015. www.ncsc.gov.uk/guidance/coding-requirements-and-guidance-ia-developers-note-6
US CERT. SEI CERT C Coding Standard. www.securecoding.cert.org/confluence/display/c/SEI+CERT+C+Coding+Standard
ISO/SC22/WG23. Information Technology — Programming Languages — Guidance to avoiding vulnerabilities in programming languages through language selection and use. TR 24772 (2013). http://www.open-std.org/JTC1/SC22/WG23/
Mitre Corp. Common Weakness Enumeration (CWE). http://cwe.mitre.org/
Cryptography Coding Standard Project. cryptocoding.net/index.php/Cryptography_Coding_Standard
Aho, A.V., Lam, M.S., Sethi, R., Ullman, J.D.: Compilers: Principles, Techniques and Tools, 2nd edn. Pearson, Upper Saddle River (2013). ISBN 978-1292024349
Google Scholar
Percival, C.: Zeroing Buffers is Insufficient. www.daemonology.net/blog/2014-09-06-zeroing-buffers-is-insufficient.html
Programming Langauges – C. ISO/IEC 9899:2011 (2011). http://www.open-std.org/jtc1/sc22/wg14/www/standards.html
Programming Langauges – C++. ISO/IEC 14822:2011 (2011). http://www.open-std.org/JTC1/SC22/WG21/docs/standards.html
Barnes, J.: With Altran Praxis. SPARK: The Proven Approach to High-Integrity Software (2012). ISBN: 978-0-9572905-0-1
Google Scholar
McCormick, J.W., Chapin, P.C.: Building High-Integrity Applications with SPARK. Cambridge University Press, Cambridge (2015). ISBN 978-1-107-04073-1
Google Scholar
SPARK 2014 Community Site. www.spark-2014.org
Consolidated Ada 2012 Language Reference Manual. ISO/IEC 8652:2012/Cor 1:2016 (2016). www.ada-auth.org/standards/ada12_w_tc1.html
Regehr, J., Eide, E.: Volatiles are miscompiled and what to do about it. In: Proceedings of the Eighth ACM and IEEE International Conference on Embedded Software (EMSOFT), Atlanta, Georgia, October 2008. doi:10.1145/1450058.1450093, www.cs.utah.edu/~regehr/papers/emsoft08-preprint.pdf
Comar, C., Dismukes, G., Gasperoni, F. The GNAT implementation of controlled types. In: Proceedings of Tri-Ada 1994, Baltimore. ACM Press (1994). doi:10.1145/376503.376724
Kirtchev, H.: A new robust and efficient implementation of controlled types in the GNAT compiler. In: Proceedings of High-Integrity Language Technology 2012, ACM SIGAda Letters, vol. 32, issue. 3 pp. 43–50 (2012). doi:10.1145/2402676.2402693
GNAT sources at gcc.gnu.org. gcc.gnu.org/viewcvs/gcc/trunk/gcc/ada/gcc-interface/trans.c
GCC Online Documentation. Chap. 24 – Link Time Optimization. https://gcc.gnu.org/onlinedocs/gccint/LTO.html
LLVM Compiler Infrastructure. Link Time Optimization: Design and Implementation. http://llvm.org/docs/LinkTimeOptimization.html
Leroy, X.: Formal verification of a realistic compiler. Commun. ACM, 52(7), (2009). doi:10.1145/1538788.1538814
Kang, J., Kim, Y., Hur, C-K., Dreyer, D., Vafeiadis, V.: Lightweight verification of separate compilation. In: Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL) 2016, pp. 178–190. ACM Press. doi:10.1145/2837614.2837642

Download references

Acknowledgements

The author would like to thank Robert Seacord, Florian Schanda, Bill Ellis and the conference reviewers for their comments on earlier drafts of this paper.

Author information

Authors and Affiliations

Protean Code Limited, Bath, UK
Roderick Chapman

Authors

Roderick Chapman
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Roderick Chapman .

Editor information

Editors and Affiliations

Institute of Computer Aided Automation, Vienna University of Technology , Vienna, Austria
Johann Blieberger
Institute of Computer Aided Institute, Vienna University of Technology, Vienna, Austria
Markus Bader

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Chapman, R. (2017). Sanitizing Sensitive Data: How to Get It Right (or at Least Less Wrong…). In: Blieberger, J., Bader, M. (eds) Reliable Software Technologies – Ada-Europe 2017. Ada-Europe 2017. Lecture Notes in Computer Science(), vol 10300. Springer, Cham. https://doi.org/10.1007/978-3-319-60588-3_3

Download citation

DOI: https://doi.org/10.1007/978-3-319-60588-3_3
Published: 30 May 2017
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-60587-6
Online ISBN: 978-3-319-60588-3
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics