
Confidentiality of Interactions in Concurrent Object-Oriented Systems

  • Conference paper
Data Privacy Management, Cryptocurrencies and Blockchain Technology (DPM 2017, CBT 2017)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10436)

Abstract

We consider a general concurrency model for distributed systems, based on concurrent objects communicating by asynchronous methods. This model is suitable for modeling modern service-oriented systems and gives rise to efficient interaction, avoiding active waiting and low-level synchronization primitives such as explicit signaling and lock operations. The concurrency model has a simple semantics, which lets us focus on information flow at a high level of abstraction and permits realistic analysis by avoiding unnecessary restrictions on information flow between confidential and non-confidential data. We formalize our approach by introducing a high-level language for this concurrency model, and we provide a secrecy-type system to capture inter-object communication. We prove soundness based on an operational semantics, which includes runtime secrecy levels.

Work supported by the IoTSec and DiversIoT projects, the Norw. Research Council.

Corresponding author

Correspondence to Olaf Owe.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Owe, O., Ramezanifarkhani, T. (2017). Confidentiality of Interactions in Concurrent Object-Oriented Systems. In: Garcia-Alfaro, J., Navarro-Arribas, G., Hartenstein, H., Herrera-Joancomartí, J. (eds) Data Privacy Management, Cryptocurrencies and Blockchain Technology. DPM 2017, CBT 2017. Lecture Notes in Computer Science, vol 10436. Springer, Cham. https://doi.org/10.1007/978-3-319-67816-0_2

  • DOI: https://doi.org/10.1007/978-3-319-67816-0_2

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-67815-3

  • Online ISBN: 978-3-319-67816-0

  • eBook Packages: Computer Science, Computer Science (R0)
