Abstract
Information Flow Control (IFC) is important for ensuring secure programs in which secret data does not influence any public data. The standard property that IFC aims to establish is non-interference. Current IFC systems fall into dynamic IFC, static IFC, and hybrids of the two. Since dynamic IFC suffers from high overhead and a limited ability to prevent implicit flows through the paths not taken, we propose a novel modular static IFC system. To the best of our knowledge, this is the first modular static IFC system. Unlike type-based static IFC systems, ours is logic-based. The limitation of type-based IFC systems lies in the inviolability of the static security labels declared for fields; as a result, they suffer from transient leaks on fields. Our proposed system uses a Hoare-like logic and verifies each function independently with the help of separation logic. Furthermore, we provide a proof of correctness for our IFC system with respect to termination- and timing-insensitive non-interference.
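The two points the abstract draws on, fixed field labels versus labels that may change between program points, and implicit flows through the branch that is not executed, can be seen on a toy language. The following Python is an added illustration written for this page; it is not the paper's logic, does not model separation logic or per-function modularity, and the mini-language, the lattice (LOW < HIGH) and the two sample programs are all constructed here. It contrasts a type-style check with declared, unchangeable labels against a flow-sensitive analysis that carries a pc label into both branches, and then checks the non-interference definition itself by running a program on two stores that agree on public inputs.

```python
from dataclasses import dataclass
from typing import Dict, Union

# Two-point security lattice: LOW (public) below HIGH (secret); join is max.
LOW, HIGH = 0, 1
def join(a: int, b: int) -> int: return max(a, b)

# --- Tiny imperative language (constructed for this example, not the paper's) ---
@dataclass
class Const: value: int
@dataclass
class Var: name: str
@dataclass
class BinOp: op: str; left: "Expr"; right: "Expr"
Expr = Union[Const, Var, BinOp]

@dataclass
class Assign: target: str; expr: Expr
@dataclass
class If: cond: Expr; then: "Stmt"; orelse: "Stmt"
@dataclass
class Seq: first: "Stmt"; second: "Stmt"
Stmt = Union[Assign, If, Seq]

Env = Dict[str, int]  # variable/field name -> security label

def label_of(expr: Expr, env: Env) -> int:
    """Label of an expression: the join of the labels of every variable it reads."""
    if isinstance(expr, Const): return LOW
    if isinstance(expr, Var): return env[expr.name]
    return join(label_of(expr.left, env), label_of(expr.right, env))

def flow_sensitive(stmt: Stmt, env: Env, pc: int = LOW) -> Env:
    """Labels are part of the abstract state and may change at each program point.
    pc is the join of enclosing branch conditions, so an assignment inside a
    secret-dependent branch is tainted on both paths, executed or not."""
    if isinstance(stmt, Assign):
        return {**env, stmt.target: join(pc, label_of(stmt.expr, env))}
    if isinstance(stmt, Seq):
        return flow_sensitive(stmt.second, flow_sensitive(stmt.first, env, pc), pc)
    pc2 = join(pc, label_of(stmt.cond, env))
    e1 = flow_sensitive(stmt.then, env, pc2)
    e2 = flow_sensitive(stmt.orelse, env, pc2)
    return {x: join(e1[x], e2[x]) for x in env}  # merge the two paths

def flow_insensitive_ok(stmt: Stmt, declared: Env, pc: int = LOW) -> bool:
    """Type-style check: every label is declared once and never changes, so each
    write must respect the target's declared label at every program point."""
    if isinstance(stmt, Assign):
        return join(pc, label_of(stmt.expr, declared)) <= declared[stmt.target]
    if isinstance(stmt, Seq):
        return flow_insensitive_ok(stmt.first, declared, pc) and flow_insensitive_ok(stmt.second, declared, pc)
    pc2 = join(pc, label_of(stmt.cond, declared))
    return flow_insensitive_ok(stmt.then, declared, pc2) and flow_insensitive_ok(stmt.orelse, declared, pc2)

# --- Concrete semantics, used to exercise the non-interference definition ---
def eval_expr(expr: Expr, store: Dict[str, int]) -> int:
    if isinstance(expr, Const): return expr.value
    if isinstance(expr, Var): return store[expr.name]
    l, r = eval_expr(expr.left, store), eval_expr(expr.right, store)
    return {"+": l + r, ">": int(l > r)}[expr.op]

def run(stmt: Stmt, store: Dict[str, int]) -> Dict[str, int]:
    store = dict(store)
    if isinstance(stmt, Assign):
        store[stmt.target] = eval_expr(stmt.expr, store)
    elif isinstance(stmt, Seq):
        store = run(stmt.second, run(stmt.first, store))
    else:
        store = run(stmt.then if eval_expr(stmt.cond, store) else stmt.orelse, store)
    return store

def noninterferent(stmt: Stmt, public, store_a, store_b) -> bool:
    """One instance of (termination-insensitive) non-interference: two stores that
    agree on public inputs must produce equal public outputs. A single pair of
    runs can refute the property but not prove it; the static analysis above is
    what establishes it for all runs."""
    assert all(store_a[x] == store_b[x] for x in public)
    out_a, out_b = run(stmt, store_a), run(stmt, store_b)
    return all(out_a[x] == out_b[x] for x in public)

# Program 1: a public field transiently holds the secret, then is overwritten with a constant.
transient = Seq(Assign("tmp", Var("secret")), Seq(Assign("tmp", Const(0)), Assign("out", Var("tmp"))))
# Program 2: implicit flow; `out` reveals the secret through which branch ran.
implicit = If(BinOp(">", Var("secret"), Const(0)), Assign("out", Const(1)), Assign("out", Const(0)))

DECL: Env = {"secret": HIGH, "tmp": LOW, "out": LOW}  # declared labels (constructed)

def verdicts() -> Dict[str, bool]:
    return {
        "transient/insensitive": flow_insensitive_ok(transient, DECL),          # rejected: HIGH written to LOW tmp
        "transient/sensitive": flow_sensitive(transient, DECL)["out"] == LOW,    # accepted: out ends up LOW
        "implicit/insensitive": flow_insensitive_ok(implicit, DECL),            # rejected: write under HIGH pc
        "implicit/sensitive": flow_sensitive(implicit, DECL)["out"] == LOW,      # rejected: out becomes HIGH
    }

if __name__ == "__main__":
    print(verdicts())
    print(noninterferent(implicit, {"out"}, {"secret": 1, "tmp": 0, "out": 0}, {"secret": -1, "tmp": 0, "out": 0}))
```

The first program is where the fixed-label approach over-approximates: `tmp` is declared LOW, so the type-style check rejects the program at the first assignment even though the secret never reaches `out`, while the flow-sensitive analysis lets `tmp` become HIGH and then LOW again and accepts it. The second program shows why `pc` must be pushed into both branches: neither branch reads `secret`, yet the final value of `out` depends on it, which the two-store run confirms by producing different public outputs.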
© 2018 Springer International Publishing AG
Cite this paper
Prabawa, A., Al Ameen, M.F., Lee, B., Chin, WN. (2018). A Logical System for Modular Information Flow Verification. In: Dillig, I., Palsberg, J. (eds) Verification, Model Checking, and Abstract Interpretation. VMCAI 2018. Lecture Notes in Computer Science(), vol 10747. Springer, Cham. https://doi.org/10.1007/978-3-319-73721-8_20
DOI: https://doi.org/10.1007/978-3-319-73721-8_20
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-73720-1
Online ISBN: 978-3-319-73721-8