Skip to main content
SpringerLink
Log in

Proving Concurrent Noninterference

  • Conference paper
Book cover Certified Programs and Proofs (CPP 2012)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 7679))

Included in the following conference series:

Abstract

We perform a formal analysis of compositionality techniques for proving possibilistic noninterference for a while language with parallel composition. We develop a uniform framework where we express a wide range of noninterference variants from the literature and compare them w.r.t. their contracts: the strength of the security properties they ensure weighed against the harshness of the syntactic conditions they enforce. This results in a simple implementable algorithm for proving that a program has a specific noninterference property, using only compositionality, which captures uniformly several security type-system results from the literature and suggests a further improved type system. All formalism and theorems have been mechanically verified in Isabelle/HOL.

Supported by the DFG project Ni 491/13–1 (part of the DFG priority program RS3) and the DFG RTG 1480.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Agat, J.: Transforming out timing leaks. In: POPL, pp. 40–53 (2000)

    Google Scholar 

  2. Barthe, G., D’Argenio, P.R., Rezk, T.: Secure information flow by self-composition. In: IEEE Computer Security Foundations Workshop, pp. 100–114 (2004)

    Google Scholar 

  3. Barthe, G., Nieto, L.P.: Formally verifying information flow type systems for concurrent and thread systems. In: FMSE, pp. 13–22 (2004)

    Google Scholar 

  4. Boudol, G.: On Typing Information Flow. In: Van Hung, D., Wirsing, M. (eds.) ICTAC 2005. LNCS, vol. 3722, pp. 366–380. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  5. Boudol, G., Castellani, I.: Noninterference for Concurrent Programs. In: Yu, Y., Spirakis, P.G., van Leeuwen, J. (eds.) ICALP 2001. LNCS, vol. 2076, pp. 382–395. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  6. Boudol, G., Castellani, I.: Noninterference for concurrent programs and thread systems. Theoretical Computer Science 281(1-2), 109–130 (2002)

    Article  MathSciNet  MATH  Google Scholar 

  7. Darvas, Á., Hähnle, R., Sands, D.: A Theorem Proving Approach to Analysis of Secure Information Flow. In: Hutter, D., Ullmann, M. (eds.) SPC 2005. LNCS, vol. 3450, pp. 193–209. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  8. Focardi, R., Gorrieri, R.: Classification of Security Properties (Part i: Information Flow). In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, p. 331. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  9. Halpern, J.Y., O’Neill, K.R.: Secrecy in multiagent systems. ACM Trans. Inf. Syst. Secur. 12(1) (2008)

    Google Scholar 

  10. Jones, C.B.: Specification and design of (parallel) programs. In: IFIP Congress 1983, pp. 321–332 (1983)

    Google Scholar 

  11. Mantel, H.: On the composition of secure systems. In: IEEE Symposium on Security and Privacy, pp. 88–101 (2002)

    Google Scholar 

  12. Mantel, H., Sands, D., Sudbrock, H.: Assumptions and guarantees for compositional noninterference. In: CSF 2011, Cernay-la-Ville, France, pp. 218–232 (2011)

    Google Scholar 

  13. Mantel, H., Sudbrock, H.: Flexible Scheduler-Independent Security. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 116–133. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  14. Mantel, H., Sudbrock, H., Kraußer, T.: Combining Different Proof Techniques for Verifying Information Flow Security. In: Puebla, G. (ed.) LOPSTR 2006. LNCS, vol. 4407, pp. 94–110. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  15. McLean, J.: A general theory of composition for trace sets closed under selective interleaving functions, pp. 79–93 (May 1994)

    Google Scholar 

  16. Milner, R.: Communication and concurrency. Prentice Hall (1989)

    Google Scholar 

  17. Plotkin, G.D.: A structural approach to operational semantics. J. Log. Algebr. Program. 60-61, 17–139 (2004)

    Article  MathSciNet  Google Scholar 

  18. Popescu, A., Hölzl, J.: Possibilistic noninterference formalized in Isabelle/HOL. Archive for Formal Proofs (2012), http://afp.sourceforge.net/entries/Possibilistic_Noninterference.shtml

  19. Russo, A., Hughes, J., Naumann, D.A., Sabelfeld, A.: Closing Internal Timing Channels by Transformation. In: Okada, M., Satoh, I. (eds.) ASIAN 2006. LNCS, vol. 4435, pp. 120–135. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  20. Russo, A., Sabelfeld, A.: Security for Multithreaded Programs Under Cooperative Scheduling. In: Virbitskaite, I., Voronkov, A. (eds.) PSI 2006. LNCS, vol. 4378, pp. 474–480. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  21. Sabelfeld, A.: The Impact of Synchronisation on Secure Information Flow in Concurrent Programs. In: Bjørner, D., Broy, M., Zamulin, A.V. (eds.) PSI 2001. LNCS, vol. 2244, pp. 225–239. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  22. Sabelfeld, A.: Confidentiality for Multithreaded Programs via Bisimulation. In: Broy, M., Zamulin, A.V. (eds.) PSI 2003. LNCS, vol. 2890, pp. 260–274. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  23. Sabelfeld, A., Myers, A.C.: Language-based information-flow security. IEEE Journal on Selected Areas in Communications 21(1), 5–19 (2003)

    Article  Google Scholar 

  24. Sabelfeld, A., Sands, D.: A Per Model of Secure Information Flow in Sequential Programs. In: Swierstra, S.D. (ed.) ESOP 1999. LNCS, vol. 1576, pp. 40–58. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  25. Sabelfeld, A., Sands, D.: Probabilistic noninterference for multi-threaded programs. In: IEEE Computer Security Foundations Workshop, pp. 200–214 (2000)

    Google Scholar 

  26. Smith, G.: A new type system for secure information flow. In: IEEE Computer Security Foundations Workshop, pp. 115–125 (2001)

    Google Scholar 

  27. Smith, G.: Probabilistic noninterference through weak probabilistic bisimulation. In: IEEE Computer Security Foundations Workshop, pp. 3–13 (2003)

    Google Scholar 

  28. Smith, G.: Improved typings for probabilistic noninterference in a multi-threaded language. Journal of Computer Security 14(6), 591–623 (2006)

    Google Scholar 

  29. Smith, G., Volpano, D.: Secure information flow in a multi-threaded imperative language. In: ACM Symposium on Principles of Programming Languages, pp. 355–364 (1998)

    Google Scholar 

  30. Volpano, D., Smith, G., Irvine, C.: A sound type system for secure flow analysis. Journal of Computer Security 4(2,3), 167–187 (1996)

    Google Scholar 

  31. Zdancewic, S., Myers, A.C.: Observational determinism for concurrent program security. In: IEEE Computer Security Foundations Workshop, pp. 29–43 (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Technische Universität München, Germany

    Andrei Popescu, Johannes Hölzl & Tobias Nipkow

  2. Institute of Mathematics Simion Stoilow, Romania

    Andrei Popescu

Authors
  1. Andrei Popescu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Johannes Hölzl
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tobias Nipkow
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Microsoft Research, Redmond, WA, USA

    Chris Hawblitzel

  2. INRIA Saclay and LIX, Ecole Polytechnique, Palaiseaux Cedex, France

    Dale Miller

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Popescu, A., Hölzl, J., Nipkow, T. (2012). Proving Concurrent Noninterference. In: Hawblitzel, C., Miller, D. (eds) Certified Programs and Proofs. CPP 2012. Lecture Notes in Computer Science, vol 7679. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35308-6_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-35308-6_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35307-9

  • Online ISBN: 978-3-642-35308-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation