Abstract
Most attempts at analysing secure information flow in programs are based on domain-specific logics. Though computationally feasible, these approaches suffer from the need for abstraction and the high cost of building dedicated tools for real programming languages. We recast the information flow problem in a general program logic rather than a problem-specific one. We investigate the feasibility of this approach by showing how a general purpose tool for software verification can be used to perform information flow analyses. We are able to prove security and insecurity of programs including advanced features such as method calls, loops, and object types for the target language Java Card. In addition, we can express declassification of information.
A preliminary short version of this paper appeared in WITS’03, Workshop on Issues in the Theory of Security, April 2003.
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Darvas, Á., Hähnle, R., Sands, D. (2005). A Theorem Proving Approach to Analysis of Secure Information Flow. In: Hutter, D., Ullmann, M. (eds) Security in Pervasive Computing. SPC 2005. Lecture Notes in Computer Science, vol 3450. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-32004-3_20
DOI: https://doi.org/10.1007/978-3-540-32004-3_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25521-5
Online ISBN: 978-3-540-32004-3
eBook Packages: Computer Science (R0)