Abstract
Non-interference is typically used as a baseline security policy to formalize confidentiality of secret information manipulated by a program. In contrast to static checking of non-interference, this paper considers dynamic, automaton-based, monitoring of information flow for a single execution of a sequential program. The monitoring mechanism is based on a combination of dynamic and static analyses. During program execution, abstractions of program events are sent to the automaton, which uses the abstractions to track information flows and to control the execution by forbidding or editing dangerous actions. The mechanism proposed is proved to be sound, to preserve executions of well-typed programs (in the security type system of Volpano, Smith and Irvine), and to preserve some safe executions of ill-typed programs.
Banerjee and Le Guernic were partially supported by NSF grants CNS-0627748, CNS-0209205, CCF-0296182 and ITR-0326577. Schmidt was partially supported by NSF grants ITR-0326577 and ITR-0086154. Le Guernic was also partially supported by the PoTestAT project (ACI Sécurité).
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Goguen, J.A., Meseguer, J.: Security Policies and Security Models. In: Proc. Symp. Security and Privacy, pp. 11–20 (1982)
Cohen, E.S.: Information Transmission in Computational Systems. ACM SIGOPS Operating Systems Review 11(5), 133–139 (1977)
Sabelfeld, A., Myers, A.C.: Language-Based Information-Flow Security. IEEE J. Selected Areas in Communications 21(1), 5–19 (2003)
Banerjee, A., Naumann, D.A.: Stack-based Access Control and Secure Information Flow. Journal of Functional Programming 15(2), 131–177 (2005)
Myers, A.C.: JFlow: Practical Mostly-Static Information Flow Control. In: Proc. ACM Symp. Principles of Programming Languages, pp. 228–241 (1999)
Pottier, F., Simonet, V.: Information flow inference for ML. ACM Trans. on Programming Languages and Systems 25(1), 117–158 (2003)
Abadi, M., Banerjee, A., Heintze, N., Riecke, J.G.: A Core calculus of Dependency. In: Proc. ACM Symp. Principles of Programming Languages, pp. 147–160 (1999)
Barthe, G., Serpette, B.: Partial evaluation and non-interference for object calculi. In: Middeldorp, A. (ed.) FLOPS 1999. LNCS, vol. 1722, pp. 53–67. Springer, Heidelberg (1999)
Sabelfeld, A., Sands, D.: A Per Model of Secure Information Flow in Sequential Programs. Higher Order and Symbolic Computation 14(1), 59–91 (2001)
Mizuno, M., Schmidt, D.: A Security Flow Control Algorithm and Its Denotational Semantics Correctness Proof. J. Formal Aspects of Comp. 4(6A), 727–754 (1992)
Volpano, D., Smith, G., Irvine, C.: A Sound Type System for Secure Flow Analysis. J. Computer Security 4(3), 167–187 (1996)
Hamlen, K.W., Morrisett, G., Schneider, F.B.: Computability classes for enforcement mechanisms. ACM Trans. Program. Lang. Syst. 28(1), 175–205 (2006)
Le Guernic, G., Banerjee, A., Schmidt, D.: Automaton-based Non-interference Monitoring. Technical Report, -1, Kansas State University, Manhattan, KS, USA (April 2006) (2006), http://www.cis.ksu.edu/schmidt/techreport/2006.list.html
Schneider, F.B.: Enforceable security policies. ACM Trans. Inf. Syst. Secur. 3(1), 30–50 (2000)
McLean, J.: A General Theory of Composition for Trace Sets Closed Under Selective Interleaving Functions. In: Proc. Symp. Security and Privacy, pp. 79–93 (1994)
Ashby, W.R.: An Introduction to Cybernetics. Chapman & Hall, London (1956)
Vachharajani, N., Bridges, M.J., Chang, J., Rangan, R., Ottoni, G., Blome, J.A., Reis, G.A., Vachharajani, M., August, D.I.: RIFLE: An Architectural Framework for User-Centric Information-Flow Security. In: Proc. Symp. Microarchitecture (2004)
Kahn, G.: Natural Semantics. In: Brandenburg, F.J., Wirsing, M., Vidal-Naquet, G. (eds.) STACS 87. LNCS, vol. 247, pp. 22–39. Springer, Heidelberg (1987)
Ligatti, J., Bauer, L., Walker, D.: Edit automata: enforcement mechanisms for run-time security policies. Int. J. Inf. Sec 4(1-2), 2–16 (2005)
Viswanathan, M.: Foundations for the Run-time Analysis of Software Systems. PhD thesis, University of Pennsylvania (December 2000)
Smith, G., Volpano, D.: Secure Information Flow in a Multi-threaded Imperative Language. In: Proc. ACM Symp. on Principles of Programming Languages (January 1998), pp. 355–364 (1998)
Schneider, F.B., Morrisett, G., Harper, R.: A Language-Based Approach to Security. In: Wilhelm, R. (ed.) Informatics. LNCS, vol. 2000, pp. 86–101. Springer, Heidelberg (2001)
Erlingsson, Ú.: The Inlined Reference Monitor Approach to Security Policy Enforcement. PhD thesis, Department of Computer Science, Cornell University (2003)
Erlingsson, Ú., Schneider, F.B.: SASI Enforcement of Security Policies: A Retrospective. In: Proc. New Security Paradigms Workshop, pp. 87–95. ACM Press, New York (1999)
Hamlen, K.W., Morrisett, G., Schneider, F.B.: Certified In-lined Reference Monitoring on .NET. In: ACM Workshop on Programming Languages and Analysis for Security, ACM Press, New York (2006)
Ligatti, J., Bauer, L., Walker, D.: Enforcing Non-safety Security Policies with Program Monitors. In: di Vimercati, S.d.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 355–373. Springer, Heidelberg (2005)
Pottier, F.c., Conchon, S.: Information flow inference for free. In: Proc. ACM International Conf. on Functional Programming, pp. 46–57 (2000)
Le Guernic, G., Jensen, T.: Monitoring Information Flow. In: Proceedings of the Workshop on Foundations of Computer Security (June 2005), pp. 19–30. DePaul University (2005)
Masri, W., Podgurski, A., Leon, D.: Detecting and Debugging Insecure Information Flows. In: Symp. on Software Reliability Engineering, pp. 198–209 (2004)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Le Guernic, G., Banerjee, A., Jensen, T., Schmidt, D.A. (2007). Automata-Based Confidentiality Monitoring. In: Okada, M., Satoh, I. (eds) Advances in Computer Science - ASIAN 2006. Secure Software and Related Issues. ASIAN 2006. Lecture Notes in Computer Science, vol 4435. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77505-8_7
Download citation
DOI: https://doi.org/10.1007/978-3-540-77505-8_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77504-1
Online ISBN: 978-3-540-77505-8
eBook Packages: Computer ScienceComputer Science (R0)