From Fine- to Coarse-Grained Dynamic Information Flow Control and Back
By Marco Vassena, Utrecht University, The Netherlands, m.vassena@uu.nl | Alejandro Russo, Chalmers University of Technology, Sweden, russo@chalmers.se | Deepak Garg, Max Planck Institute for Software Systems, Germany, dg@mpi-sws.org | Vineet Rajani, University of Kent, UK, v.rajani@kent.ac.uk | Deian Stefan, University of California, San Diego, USA, deian@cs.ucsd.edu
Abstract
This tutorial provides a complete and homogeneous account of the latest advances in fine- and coarse-grained dynamic information-flow control (IFC) security. Since the 1970s, the programming language and the operating system communities proposed different IFC approaches. IFC operating systems track information flows in a coarse-grained fashion, at the granularity of a process. In contrast, traditional language-based approaches to IFC are fine-grained: they track information flows at the granularity of program variables. For decades, researchers believed coarse-grained IFC to be strictly less permissive than fine-grained IFC—coarse grained IFC systems seem inherently less precise because they track less information—and so granularity appeared to be a fundamental feature of IFC systems.
We show that the granularity of the tracking system does not fundamentally restrict how precise or permissive dynamic IFC systems can be. To this end, we mechanize two mostly standard languages, one with a fine-grained dynamic IFC system and the other with a coarse-grained dynamic IFC system, and prove a semantics-preserving translation from each language to the other. In addition, we derive the standard security property of non-interference of each language from that of the other, via our verified translation.
These translations stand to have important implications on the usability of IFC approaches. The coarse- to fine-grained direction can be used to remove the label annotation burden that fine-grained systems impose on developers, while the fine- to coarse-grained translation shows that coarse-grained systems—which are easier to design and implement—can track information as precisely as fine-grained systems and provides an algorithm for automatically retrofitting legacy applications to run on existing coarse-grained systems.
From Fine- to Coarse-Grained Dynamic Information Flow Control and Back
Dynamic information-flow control (IFC) is a principled approach to protecting the confidentiality and integrity of data in software systems. This tutorial provides a complete and homogeneous account of the latest advances in fine- and coarse-grained dynamic information-flow control security.
Written for students, practitioners and researchers, the authors first introduce both fine- and coarse-grained IFC in a gentle and accessible way, laying the groundwork for subsequent chapters. They proceed to show that, contrary to common belief, the granularity of the tracking system is not a fundamental feature of IFC systems and hence does not restrict how precise or permissive dynamic IFC systems can be. To achieve this, the authors demonstrate practical examples of both Fine to Coarse-Grained and Coarse- to Fine-Grained Program Translation.
This tutorial will give readers the insights required to understand, develop and implement dynamic information-flow control to improve the security of a wide variety of software systems.
