Skip to main content
SpringerLink
Log in

Security Types Preserving Compilation

  • Conference paper
Verification, Model Checking, and Abstract Interpretation (VMCAI 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2937))

Abstract

Initiating from the seminal work of Volpano and Smith, there has been ample evidence that type systems may be used to enforce confidentiality of programs through non-interference. However, most type systems operate on high-level languages and calculi, and “low-level languages have not received much attention in studies of secure information flow” (Sabelfeld and Myers [16]). Further, security type systems for low-level languages should appropriately relate to their counterparts for high-level languages; however, we are not aware of any study of type-preserving compilers for type systems for information flow.

In answer to these questions, we introduce a security type system for a low-level language featuring jumps and calls, and show that the type system enforces termination-insensitive non-interference. Then, we introduce a compiler from a high-level imperative programming language to our low-level language, and show that the compiler preserves security types.

Work partially supported by IST Projects Profundis and Verificard.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ball, T.: What’s in a region? Or computing control dependence regions in nearlinear time for reducible control flow. ACM Letters on Programming Languages and Systems 2(1–4), 1–16 (1993)

    Article  Google Scholar 

  2. Banerjee, A., Naumann, D.A.: Secure Information Flow and Pointer Confinement in a Java-like Language. In: Proceedings of CSFW 2002, IEEE Computer Society Press, Los Alamitos (2002)

    Google Scholar 

  3. Barthe, G., Serpette, B.: Partial evaluation and non-interference for object calculi. In: Middeldorp, A. (ed.) FLOPS 1999. LNCS, vol. 1722, pp. 53–67. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  4. Bernardeschi, C., De Francesco, N.: Combining Abstract Interpretation and Model Checking for analysing Security Properties of Java Bytecode. In: Cortesi, A. (ed.) VMCAI 2002. LNCS, vol. 2294, pp. 1–15. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  5. Bieber, P., Cazin, J., Wiels, V., Zanon, G., Girard, P., Lanet, J.-L.: Checking Secure Interactions of Smart Card Applets: Extended version. Journal of Computer Security 10, 369–398 (2002)

    Google Scholar 

  6. Coglio, A.: Simple Verification Technique for Complex Java Bytecode Subroutines. In: Proceedings of FTFJP 2002 (2002)

    Google Scholar 

  7. Goguen, J., Meseguer, J.: Security policies and security models. In: Proceedings of SOSP 1982, pp. 11–22. IEEE Computer Society, Los Alamitos (1982)

    Google Scholar 

  8. Heintze, N., Riecke, J.: The SLam calculus: programming with secrecy and integrity. In: Proceedings of POPL 1998, pp. 365–377. ACM Press, New York (1998)

    Chapter  Google Scholar 

  9. Honda, K., Yoshida, N.: A Uniform Type Structure for Secure Information Flow. In: Proceedings of POPL 2002, pp. 81–92. ACM Press, New York (2002)

    Google Scholar 

  10. League, C., Shao, Z., Trifonov, V.: Precision in Practice: A Type-Preserving Java Compiler. In: Hedin, G. (ed.) CC 2003. LNCS, vol. 2622, pp. 106–120. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  11. Leroy, X.: Java bytecode verification: an overview. In: Berry, G., Comon, H., Finkel, A. (eds.) CAV 2001. LNCS, vol. 2102, pp. 265–285. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  12. Myers, A.C.: Jflow: Practical mostly-static information flow control. In: Proceedings of POPL 1999, pp. 228–241. ACM Press, New York (1999)

    Google Scholar 

  13. Necula, G.C.: Proof-Carrying Code. In: Proceedings of POPL 1997, pp. 106–119. ACM Press, New York (1997)

    Chapter  Google Scholar 

  14. Necula, G.C., Lee, P.: The Design and Implementation of a Certifying Compiler. In: Proceedings of PLDI 1998, pp. 333–344 (1998)

    Google Scholar 

  15. Pottier, F., Simonet, V.: Information flow inference for ML. ACM Transactions on Programming Languages and Systems 25(1), 117–158 (2003)

    Article  Google Scholar 

  16. Sabelfeld, A., Myers, A.: Language-Based Information-Flow Security. IEEE Journal on Selected Areas in Comunications 21, 5–19 (2003)

    Article  Google Scholar 

  17. Simonet, V.: Fine-grained Information Flow Analysis for a Lambda-Calculus with Sum Types. In: Proceedings of CSFW 2002, pp. 223–237 (2002)

    Google Scholar 

  18. Volpano, D., Smith, G.: A Type-Based Approach to Program Security. In: Bidoit, M., Dauchet, M. (eds.) CAAP 1997, FASE 1997, and TAPSOFT 1997. LNCS, vol. 1214, pp. 607–621. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  19. Volpano, D., Smith, G.: Eliminating covert flows with minimum typings. In: Proceedings of CSFW 1997, pp. 156–168. IEEE Press, Los Alamitos (1997)

    Google Scholar 

  20. Volpano, D., Smith, G., Irvine, C.: A Sound Type System for Secure Flow Analysis. Journal of Computer Security, 167–187 (December 1996)

    Google Scholar 

  21. Zdancewic, S., Myers, A.: Secure information flow and CPS. In: Sands, D. (ed.) ESOP 2001. LNCS, vol. 2028, pp. 46–61. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. INRIA Sophia-Antipolis, France

    Gilles Barthe & Tamara Rezk

  2. IIT Delhi, India

    Amitabh Basu

Authors
  1. Gilles Barthe
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Amitabh Basu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tamara Rezk
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Chair Programming Systems, Universität Dortmund, Otto-Hahn-Str. 14, 44227, Dortmund, Germany

    Bernhard Steffen

  2. Dipartimento di Informatica, Università di Pisa, Via Buonarroti, 2, 56100, Pisa, Italy

    Giorgio Levi

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Barthe, G., Basu, A., Rezk, T. (2004). Security Types Preserving Compilation. In: Steffen, B., Levi, G. (eds) Verification, Model Checking, and Abstract Interpretation. VMCAI 2004. Lecture Notes in Computer Science, vol 2937. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24622-0_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-24622-0_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20803-7

  • Online ISBN: 978-3-540-24622-0

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation