
A semantic approach to secure information flow

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1422))

Abstract

A classic problem in security is to determine whether a program has secure information flow. Informally, this problem is described as follows: Given a program with variables partitioned into two disjoint sets of “high-security” and “low-security” variables, check whether observations of the low-security variables reveal any information about the initial values of the high-security variables. Although the problem has been studied for several decades, most previous approaches have been syntactic in nature, often using type systems and compiler data flow analysis techniques to analyze program texts. This paper presents a considerably different approach to checking secure information flow, based on a semantic characterization. A semantic approach has several desirable features. Firstly, it gives a more precise characterization of security than that provided by most previous approaches. Secondly, it applies to any programming constructs whose semantics are definable; for instance, the introduction of nondeterminism and exceptions poses no additional problems. Thirdly, it can be used for reasoning about indirect leaking of information through variations in program behavior (e.g., whether or not the program terminates).
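As an added illustration (not part of the paper, and not its formalism, which is stated over program semantics rather than by enumeration), the following Python brute-forces the condition the abstract describes over a tiny two-variable imperative language: two initial states that agree on the low variable must yield the same set of low-observable outcomes, with non-termination counted as an observable outcome and nondeterministic choice forking the run (a possibilistic reading of "observation", which is an assumption of this example). The language, the step bound that stands in for true divergence, and the example programs are all constructed here; note that the dead-store and self-cancelling programs pass the semantic check even though a syntactic type system would reject them, which is the precision point the abstract makes.

```python
from itertools import product

# Added illustration (not the paper's formalism): a brute-force semantic check of
# secure information flow over a tiny imperative language with one low variable
# 'l' and one high variable 'h', each ranging over a small finite domain.
DOMAIN = range(4)
LOW, HIGH = ["l"], ["h"]
DIVERGES = "diverges"   # non-termination is treated as an observable outcome
STEP_LIMIT = 50         # assumption: a loop exceeding this many iterations is called divergent

# Statements are tuples; conditions/expressions are functions of the state dict:
#   ("assign", var, expr)            deterministic assignment
#   ("choose", var, [v1, v2, ...])   nondeterministic assignment
#   ("if", cond, then_stmts, else_stmts)
#   ("while", cond, body_stmts)

def run(stmts, state, fuel=STEP_LIMIT):
    """Return the set of possible outcomes of running `stmts` from `state`.

    An outcome is a frozenset of (var, value) pairs for a terminating run, or
    DIVERGES. Nondeterminism forks the execution, so several outcomes may result.
    """
    if not stmts:
        return {frozenset(state.items())}
    stmt, rest = stmts[0], list(stmts[1:])
    kind = stmt[0]
    if kind == "assign":
        _, var, expr = stmt
        return run(rest, {**state, var: expr(state)}, fuel)
    if kind == "choose":
        _, var, values = stmt
        outcomes = set()
        for v in values:
            outcomes |= run(rest, {**state, var: v}, fuel)
        return outcomes
    if kind == "if":
        _, cond, then_b, else_b = stmt
        return run(list(then_b if cond(state) else else_b) + rest, state, fuel)
    if kind == "while":
        _, cond, body = stmt
        if not cond(state):
            return run(rest, state, fuel)
        if fuel == 0:
            return {DIVERGES}
        return run(list(body) + [stmt] + rest, state, fuel - 1)
    raise ValueError(f"unknown statement kind {kind!r}")

def low_view(outcome, low_vars):
    """What a low observer sees of one outcome: the low variables, or divergence."""
    if outcome == DIVERGES:
        return DIVERGES
    return frozenset((k, v) for k, v in outcome if k in low_vars)

def is_secure(stmts, low_vars=LOW, high_vars=HIGH, domain=DOMAIN):
    """Semantic secure-information-flow check by enumeration.

    The program is secure iff every two initial states that agree on the low
    variables produce the same set of low-observable outcomes. Returns
    (True, None) or (False, (state_a, state_b)) with a distinguishing pair.
    """
    names = list(low_vars) + list(high_vars)
    seen = {}  # low initial values -> (initial state, observable outcome set)
    for values in product(domain, repeat=len(names)):
        state = dict(zip(names, values))
        key = tuple(state[v] for v in low_vars)
        observed = frozenset(low_view(o, low_vars) for o in run(stmts, state))
        if key in seen and seen[key][1] != observed:
            return False, (seen[key][0], state)
        seen.setdefault(key, (state, observed))
    return True, None

# Constructed example programs (all hypothetical).
PROGRAMS = {
    # l := h
    "explicit_leak": [("assign", "l", lambda s: s["h"])],
    # if h > 1 then l := 1 else l := 0
    "implicit_leak": [("if", lambda s: s["h"] > 1,
                       [("assign", "l", lambda s: 1)],
                       [("assign", "l", lambda s: 0)])],
    # while h != 0 do skip   -- leaks whether h is zero through termination
    "termination_leak": [("while", lambda s: s["h"] != 0, [])],
    # l := h; l := 0   -- a syntactic type system rejects this; semantically secure
    "dead_store": [("assign", "l", lambda s: s["h"]),
                   ("assign", "l", lambda s: 0)],
    # l := h xor h   -- always 0, so no information about h reaches l
    "self_cancel": [("assign", "l", lambda s: s["h"] ^ s["h"])],
    # l := choose {0, 1}   -- nondeterministic but independent of h
    "nondet_choice": [("choose", "l", [0, 1])],
    # l := choose {0, 1}; if h == 0 then l := 0   -- the set of possible l depends on h
    "nondet_leak": [("choose", "l", [0, 1]),
                    ("if", lambda s: s["h"] == 0, [("assign", "l", lambda s: 0)], [])],
}

def check_all():
    """Map each example program name to whether it passes the semantic check."""
    return {name: is_secure(prog)[0] for name, prog in PROGRAMS.items()}

if __name__ == "__main__":
    for name, secure in check_all().items():
        print(f"{name:17s} {'secure' if secure else 'INSECURE'}")
```

The check is only decidable here because the domain is finite and loops are cut off by a step bound; for real programs the semantic condition has to be established by reasoning about the program's semantics, which is what the paper sets out to do. The step bound can misclassify a long but terminating loop as divergent, so it should be chosen larger than any loop the examples can legitimately run.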






Editor information

Johan Jeuring


Copyright information

© 1998 Springer-Verlag Berlin Heidelberg


Cite this paper

Leino, K.R.M., Joshi, R. (1998). A semantic approach to secure information flow. In: Jeuring, J. (eds) Mathematics of Program Construction. MPC 1998. Lecture Notes in Computer Science, vol 1422. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0054294


  • DOI: https://doi.org/10.1007/BFb0054294


  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-64591-7

  • Online ISBN: 978-3-540-69345-1
