ABSTRACT
We propose a new algorithm of secrecy analysis in a framework integrating declarative programming and concurrency. The analysis of a program ensures that information can only flow from less sensitive levels toward more sensitive ones. Our algorithm uses a terminating abstract operational semantics which reduces the problem of secrecy to constraint solving within finite lattices. It departs in that from the previous works essentially based on type systems. Furthermore, our proposal is general and tackles a very large class of programs, featuring dynamic process creation, general sequential composition, recursive process calls and high level synchronization.
- J. Agat. Transforming out timing leaks. In Proceedings of the 27th ACM SIGPLAN - SIGACT Symposium on Principles of Programming Languages (POPL 2000), pages 40 -- 53, Boston, Jan. 2000. ACM.]] Google ScholarDigital Library
- J.-P. Banatre, C. Bryce, and D. L. Metayer. Compile-time detection of information flow in sequential programs. In D. Gollmann, editor, Computer Security, Proceedingd of the 3rd European Symposium on Research in Computer Security (ESORICS 94), volume 875 of Lecture Notes in Computer Science, pages 55 -- 73, Brighton, Nov. 1994. Springer Verlag.]] Google ScholarDigital Library
- A. Banerjee and D. A. Naumann. Secure information flow and pointer confinement in a java-like language. In Proceedings of the $15th IEEE Computer Security Foundations Workshop, Cape Breton, 2002.]] Google ScholarDigital Library
- D. E. Bell and L. J. LaPadula. Secure computer systems: Mathematical foundations. Technical Report ESD-TR-73-278 (Vol. I -- III), MITRE Corporation, Bedford, Apr. 1974.]]Google Scholar
- G. Boudol and I. Castellani. Noninterference for concurrent programs and thread systems. Theoretical Computer Science, 281(1):109 -- 130, 2002. Special issue: "Merci, Maurice, A mosaic in honour of Maurice Nivat" (P.-L. Curien, Ed.).]]Google ScholarDigital Library
- P. Cousot and R. Cousot. Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Proceedings of the 4th ACM SIGPLAN - SIGACT Symposium on Principles of Programming Languages (POPL '77), pages 238 -- 252, Los Angeles, Jan. 1977. ACM.]] Google ScholarDigital Library
- D. E. Denning and P. J. Denning. Certification of programs for secure information flow. Communications of the ACM, 20(7):504 -- 513, July 1977.]] Google ScholarDigital Library
- N. Dershowitz and J.-P. Jouannaud. Rewrite systems. In J. van Leeuwen, editor, Handbook of Theoretical Computer Science, Volume B: Formal Models and Semantics, chapter 6, pages 243 -- 320. Elsevier, Amsterdam, 1990.]] Google ScholarDigital Library
- A. Di Pierro, C. Hankin, and H. Wiklicky. Probabilistic confinement in a declarative framework. Electronic Notes in Theoretical Computer Science, 48, 2001.]]Google Scholar
- A. Di Pierro, C. Hankin, and H. Wiklicky. Approximate non-interference. In Proceedings of the 15th IEEE Computer Security Foundations Workshop, Cape Breton, June 2002.]] Google ScholarDigital Library
- R. Echahed and W. Serwe. Combining mobile processes and declarative programming. In J. Lloyd et al., editors, Proceedings of the 1st International Conference on Computational Logic (CL 2000), volume 1861 of Lecture Notes in Artificial Intelligence, pages 300 -- 314, London, July 2000. Springer Verlag.]] Google ScholarDigital Library
- R. Echahed and W. Serwe. Integrating action definitions into concurrent declarative programming. Electronic Notes in Theoretical Computer Science, 64, Sept. 2002. special issue: selected papers of the International Workshop on Functional and (Constraint) Logic Programming (WFLP 2001).]]Google Scholar
- R. Focardi, R. Gorrieri, and F. Martinelli. Non interference for the analysis of cryptographic protocols. In U. Montanari, J. D. P. Rolim, and E. Welzl, editors, Proceeding of the 27th International Colloquium on Automata, Languages and Programming (ICALP 2000), volume 1853 of Lecture Notes in Computer Science, pages 354 -- 372, Geneva, July 2000. Springer Verlag.]] Google ScholarDigital Library
- W. Fokkink. Introduction to Process Algebra. Texts in Theoretical Computer Science. Springer Verlag, 2000.]] Google ScholarDigital Library
- J. W. Gray, III. Probabilistic interference. In Proceedings of the 1990 IEEE Symposium on Security and Privacy, pages 170 -- 179, Oakland, May 1990. IEEE Computer Society Press.]]Google ScholarCross Ref
- A. C. Myers. JFlow: Practical mostly-static information flow control. In Proceedings of the 26th ACM SIGPLAN - SIGACT Symposium on Principles of Programming Languages (POPL '99), pages 228 -- 241, San Antonio, Jan. 1999.]] Google ScholarDigital Library
- F. Prost. A static calculus of dependencies for the λ-cube. In Proceedings of the 15th Annual IEEE Symposium on Logic in Computer Science (LICS '2000), pages 267 -- 276, Santa Barbara, 2000. IEEE Computer Society Press.]] Google ScholarDigital Library
- A. Sabelfeld. The impact of synchronisation on secure information flow in concurrent programs. In D. Bjorner, M. Broy, and A. V. Zamulin, editors, Perspectives of System Informatics, Proceedings of the 4th International Andrei Ershov Memorial Conference (PSI 2001), volume 2244 of Lecture Notes in Computer Science, pages 225 -- 239, Akademgorodok, July 2001. Springer Verlag.]] Google ScholarDigital Library
- A. Sabelfeld and H. Mantel. Static confidentiality enforcement for distributed programs. In M. V. Hermenegildo and G. Puebla, editors, Proceedings of the 9th International Symposium on Static Analysis (SAS 2002), volume 2477 of Lecture Notes in Computer Science, pages 376 -- 394, Madrid, Sept. 2002. Springer Verlag.]] Google ScholarDigital Library
- A. Sabelfeld and A. C. Myers. Language-based information-flow security. IEEE Journal on Selected Areas in Communications, special issue on Design and Analysis Techniques for Security Assurance, 2002. to appear.]]Google Scholar
- A. Sabelfeld and D. Sands. Probabilistic noninterference for multi-threaded programs. In Proceedings of the 13th IEEE Computer Security Foundations Workshop, pages 200 -- 214, Cambridge, July 2000.]] Google ScholarDigital Library
- W. Serwe. On Concurrent Functional-Logic Programming. these de doctorat, Institut National Polytechnique de Grenoble, Mar. 2002.]]Google Scholar
- G. Smith. A new type system for secure information flow. In Proceedings of the 14th IEEE Computer Security Foundations Workshop, pages 115 -- 125, Cape Breton, June 2001. IEEE Computer Society Press.]] Google ScholarDigital Library
- G. Smith. Weak probabilistic bisimulation for secure information flow. In Proceedings of the Workshop on Issues in the Theory of Security (WITS '02), Portland, Jan. 2002.]]Google Scholar
- G. Smith and D. M. Volpano. Secure information flow in a multi-threaded imperative language. In Proceedings of the 25th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL '98), pages 355 -- 364, San Diego, Jan. 1998.]] Google ScholarDigital Library
- G. Smith, D. M. Volpano, and C. Irvine. A sound type system for secure flow analysis. Journal of Computer Security, 4(3):167 -- 187, 1996.]] Google ScholarDigital Library
- D. M. Volpano and G. Smith. Probabilistic noninterference in a concurrent language. Journal of Computer Security, 7(2, 3):231 -- 253, Nov. 1999.]] Google ScholarDigital Library
- N. Yoshida, K. Honda, and M. Berger. Linearity and bisimulation. In M. Nielsen and U. Engberg, editors, Proceedings of the 5th International Conference on Foundations of Software Science and Computer Structures (FoSSaCs 2002), volume 2303 of Lecture Notes in Computer Science, pages 417 -- 434. Springer Verlag, Apr. 2002.]] Google ScholarDigital Library
- M. Zanotti. Security typings by abstract interpretation. In M. V. Hermenegildo and G. Puebla, editors, Proceedings of the 9th International Symposium on Static Analysis (SAS 2002), volume 2477 of Lecture Notes in Computer Science, pages 360 -- 375, Madrid, Sept. 2002. Springer Verlag.]] Google ScholarDigital Library
Index Terms
- Statically assuring secrecy for dynamic concurrent processes
Recommendations
Formal Reasoning about Concurrent Assembly Code with Reentrant Locks
TASE '09: Proceedings of the 2009 Third IEEE International Symposium on Theoretical Aspects of Software EngineeringThis paper focuses on the problem of reasoning about concurrent assembly code with reentrant locks. Our verification technique is based on concurrent separation logic (CSL). In CSL, locks are treated as non-reentrant locks and each lock is associated ...
Safety of Deferred Update in Transactional Memory
ICDCS '13: Proceedings of the 2013 IEEE 33rd International Conference on Distributed Computing SystemsTransactional memory allows the user to declare sequences of instructions as speculative transactions that can either commit or abort. If a transaction commits, it appears to be executed sequentially, so that the committed transactions constitute a ...
Freedom from Deadlock of Safe Locking Policies
The usual method for preserving the consistency of a database when accessed (read and updated) concurrently by several transactions, is by locking the transactions according to some locking policy; a locking policy that guarantees the preservation of ...
Comments