
Security for Multithreaded Programs Under Cooperative Scheduling

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 4378)

Abstract

Information flow exhibited by multithreaded programs is subtle because the attacker may exploit scheduler properties when deducing secret information from publicly observable outputs. Volpano and Smith have introduced a protect command that prevents the scheduler from observing sensitive timing behavior of protected commands and therefore prevents undesired information flows. While a useful construct, protect is nonstandard and difficult to implement. This paper presents a transformation that eliminates the need for protect under cooperative scheduling. We show that both termination-insensitive and termination-sensitive security can be enforced by variants of the transformation in a language with dynamic thread creation.
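An added illustration (not code from the paper) of the scheduler-dependent leak the abstract refers to and of why cooperative scheduling helps: under preemptive round-robin the public variable l ends up equal to the secret h, whereas under cooperative scheduling with the yield point kept outside the secret-dependent branch the final l is the same for both secrets. The thread programs, the token-based scheduler model and the "no yield inside a high branch" placement rule are simplifications assumed for this example, not the paper's transformation itself.

```python
from collections import deque
from typing import Callable, Dict, Generator, List

Mem = Dict[str, int]
# A thread emits "step" after each command and "yield" at an explicit yield point.
Thread = Generator[str, None, None]

def thread_a(mem: Mem) -> Thread:
    """if h then (skip; skip; skip); l := 1; yield  (yield only outside the high branch)."""
    if mem["h"]:
        for _ in range(3):
            yield "step"          # secret-dependent running time
    mem["l"] = 1
    yield "step"
    yield "yield"

def thread_a_yield_in_branch(mem: Mem) -> Thread:
    """Same program, but with a yield point inside the secret-dependent branch."""
    if mem["h"]:
        yield "yield"             # the scheduler now observes which branch ran
        for _ in range(2):
            yield "step"
    mem["l"] = 1
    yield "step"
    yield "yield"

def thread_b(mem: Mem) -> Thread:
    """l := 0; yield"""
    mem["l"] = 0
    yield "step"
    yield "yield"

def run(threads: List[Callable[[Mem], Thread]], mem: Mem, cooperative: bool) -> Mem:
    """Round-robin scheduler: preemptive switches after every command,
    cooperative switches only at explicit yield points."""
    queue = deque(t(mem) for t in threads)
    while queue:
        gen = queue.popleft()
        for token in gen:
            if token == "yield" or not cooperative:
                queue.append(gen)   # suspend this thread, move to the next one
                break
        # a thread that ran to completion is simply not requeued
    return mem

def leaks(make_a: Callable[[Mem], Thread], cooperative: bool) -> bool:
    """True if the final public value of l depends on the secret h."""
    finals = {run([make_a, thread_b], {"h": h, "l": 0}, cooperative)["l"] for h in (0, 1)}
    return len(finals) > 1
```

Running leaks() for the three combinations shows the leak under preemption, its absence under cooperative scheduling with a correctly placed yield, and its return as soon as a yield point sits inside the high branch.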


References

  1. Boudol, G., Castellani, I.: Non-interference for concurrent programs and thread systems. Theoretical Computer Science 281(1), 109–130 (2002)
  2. Denning, D.E., Denning, P.J.: Certification of programs for secure information flow. Comm. of the ACM 20(7), 504–513 (1977)
  3. Engelschall, R.S.: GNU Pth - the GNU portable threads (Nov. 2005), http://www.gnu.org/software/pth/
  4. Goguen, J.A., Meseguer, J.: Security policies and security models. In: Proc. IEEE Symp. on Security and Privacy, Apr. 1982, pp. 11–20 (1982)
  5. Huisman, M., Worah, P., Sunesen, K.: A temporal logic characterisation of observational determinism. In: Proc. IEEE Computer Security Foundations Workshop (July 2006)
  6. Mantel, H., Sands, D.: Controlled downgrading based on intransitive (non)interference. In: Chin, W.-N. (ed.) APLAS 2004. LNCS, vol. 3302, pp. 129–145. Springer, Heidelberg (2004)
  7. Myers, A.C., et al.: Jif: Java information flow. Software release (July 2001–2006), http://www.cs.cornell.edu/jif
  8. Russo, A., Sabelfeld, A.: Securing interaction between threads and the scheduler. In: Proc. IEEE Computer Security Foundations Workshop, July 2006, pp. 177–189 (2006)
  9. Sabelfeld, A.: The impact of synchronisation on secure information flow in concurrent programs. In: Bjørner, D., Broy, M., Zamulin, A.V. (eds.) PSI 2001. LNCS, vol. 2244, pp. 225–239. Springer, Heidelberg (2001)
  10. Sabelfeld, A.: Confidentiality for multithreaded programs via bisimulation. In: Broy, M., Zamulin, A.V. (eds.) PSI 2003. LNCS, vol. 2890, pp. 260–273. Springer, Heidelberg (2004)
  11. Sabelfeld, A., Mantel, H.: Static confidentiality enforcement for distributed programs. In: Hermenegildo, M.V., Puebla, G. (eds.) SAS 2002. LNCS, vol. 2477, pp. 376–394. Springer, Heidelberg (2002)
  12. Sabelfeld, A., Myers, A.C.: Language-based information-flow security. IEEE J. Selected Areas in Communications 21(1), 5–19 (2003)
  13. Sabelfeld, A., Sands, D.: Probabilistic noninterference for multi-threaded programs. In: Proc. IEEE Computer Security Foundations Workshop, July 2000, pp. 200–214 (2000)
  14. Simonet, V.: The Flow Caml system. Software release (July 2003), http://cristal.inria.fr/~simonet/soft/flowcaml/
  15. Smith, G.: A new type system for secure information flow. In: Proc. IEEE Computer Security Foundations Workshop, June 2001, pp. 115–125 (2001)
  16. Smith, G.: Probabilistic noninterference through weak probabilistic bisimulation. In: Proc. IEEE Computer Security Foundations Workshop, pp. 3–13 (2003)
  17. Smith, G., Volpano, D.: Secure information flow in a multi-threaded imperative language. In: Proc. ACM Symp. on Principles of Programming Languages, Jan. 1998, pp. 355–364 (1998)
  18. Volpano, D., Smith, G.: Probabilistic noninterference in a concurrent language. J. Computer Security 7(2–3), 231–253 (1999)
  19. Volpano, D., Smith, G., Irvine, C.: A sound type system for secure flow analysis. J. Computer Security 4(3), 167–187 (1996)
  20. Winskel, G.: The Formal Semantics of Programming Languages: An Introduction. MIT Press, Cambridge (1993)
  21. Zdancewic, S., Myers, A.C.: Observational determinism for concurrent program security. In: Proc. IEEE Computer Security Foundations Workshop, June 2003, pp. 29–43 (2003)


Editor information

Irina Virbitskaite, Andrei Voronkov


Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Russo, A., Sabelfeld, A. (2007). Security for Multithreaded Programs Under Cooperative Scheduling. In: Virbitskaite, I., Voronkov, A. (eds) Perspectives of Systems Informatics. PSI 2006. Lecture Notes in Computer Science, vol 4378. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-70881-0_43


  • DOI: https://doi.org/10.1007/978-3-540-70881-0_43

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-70880-3

  • Online ISBN: 978-3-540-70881-0

  • eBook Packages: Computer Science (R0)
