The European Physical Journal Special Topics

, Volume 226, Issue 10, pp 2375–2392 | Cite as

Complexity and information flow analysis for multi-threaded programs

  • Tri Minh Ngo
  • Marieke Huisman
Part of the following topical collections:
  1. Aspects of Statistical Mechanics and Dynamical Complexity


This paper studies the security of multi-threaded programs. We combine two methods, i.e., qualitative and quantitative security analysis, to check whether a multi-threaded program is secure or not. In this paper, besides reviewing classical analysis models, we present a novel model of quantitative analysis where the attacker is able to select the scheduling policy. This model does not follow the traditional information-theoretic channel setting. Our analysis first studies what extra information an attacker can get if he knows the scheduler’s choices, and then integrates this information into the transition system modeling the program execution. Via a case study, we compare this approach with the traditional information-theoretic models, and show that this approach gives more intuitive-matching results.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    M.S. Alvim, M.E. Andrés, K. Chatzikokolakis, C. Palamidessi, Foundations of Security Analysis and Design vi. Chapter Quantitative Information Flow and Applications to Differential Privacy (Springer-Verlag, 2011), p. 211Google Scholar
  2. 2.
    M.S. Alvim, K. Chatzikokolakis, C. Palamidessi, G. Smith, Measuring information leakage using generalized gain functions, in Proceedings of the 2012 IEEE 25th Computer Security Foundations Symposium, CSF’12 (IEEE Computer Society, 2012), p. 265Google Scholar
  3. 3.
    M.E. Andres, C. Palamidessi, P. Rossum, A. Sokolova, Information hiding in probabilistic concurrent systems, in Proceedings of the 2010 Seventh International Conference on the Quantitative Evaluation of Systems, QEST’10 (IEEE Computer Society, 2010), p. 17Google Scholar
  4. 4.
    C. Cachin, Entropy Measures and Unconditional Security in Cryptography, PhD thesis, 1997Google Scholar
  5. 5.
    K. Chatzikokolakis, C. Palamidessi, P. Panangaden, Anonymity protocols as noisy channels, in Proceedings of the 2nd International Conference on Trustworthy Global Computing, TGC’06 (Springer-Verlag, 2007), p. 281Google Scholar
  6. 6.
    H. Chen, P. Malacaria, Quantitative analysis of leakage for multi-threaded programs, in Proceedings of the 2007 Workshop on Programming Languages and Analysis for Security, PLAS’07 (ACM, 2007), p. 31Google Scholar
  7. 7.
    H. Chen, P. Malacaria, The optimum leakage principle for analyzing multi-threaded programs, in Proceedings of the 4th International Conference on Information Theoretic Security, ICITS’09 (Springer-Verlag, 2010), pp. 177–193Google Scholar
  8. 8.
    D. Clark, S. Hunt, P. Malacaria, Quantitative Information Flow, Relations and Polymorphic types, J. Log. Comput. 15, 181 (2005)MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    J.A. Goguen, J. Meseguer, Security policies and security models, in IEEE Symposium on Security and Privacy (1982), p. 11Google Scholar
  10. 10.
    M. Huisman, T.M. Ngo, Scheduler-specific confidentiality for multi-threaded programs and its logic-based verification, in Proceedings of the 2011 International Conference on Formal Verification of Object-Oriented Software, FoVeOOS’11 (Springer-Verlag, 2012), p. 178Google Scholar
  11. 11.
    M. Huisman, P. Worah, K. Sunesen, A temporal logic characterisation of observational determinism, in Proceedings of the 19th IEEE Workshop on Computer Security Foundations, CSFW’06 (IEEE Computer Society, 2006), p. 3Google Scholar
  12. 12.
    S.A. Kripke, Semantical considerations on modal logic, Acta Philosophica Fennica 16, 83 (1963)MathSciNetzbMATHGoogle Scholar
  13. 13.
    P. Malacaria, Risk assessment of security threats for looping constructs, J. Comp. Sec. 18, 191 (2010)Google Scholar
  14. 14.
    P. Malacaria, H. Chen, Lagrange multipliers and maximum information leakage in different observational models, in Proceedings of the third ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, PLAS ’08 (ACM, 2008), p. 135Google Scholar
  15. 15.
    I.S. Moskowitz, R.E. Newman, D.P. Crepeau, A.R. Miller, Covert channels and anonymizing networks, in Proceedings of the 2003 ACM workshop on Privacy in the electronic society, WPES’03 (ACM, 2003), p. 79Google Scholar
  16. 16.
    C. Mu, D. Clark, Quantitative analysis of secure information flow via probabilistic semantics, in Proceedings of the The Forth International Conference on Availability, Reliability and Security, ARES’09 (IEEE Computer Society, 2009), p. 49Google Scholar
  17. 17.
    T.M. Ngo, M. Stoelinga, M. Huisman, Confidentiality for probabilistic multi-threaded programs and its verification, in Proceedings of the 5th international conference on Engineering Secure Software and Systems, ESSoS’13 (Springer-Verlag, 2013), p. 107Google Scholar
  18. 18.
    T.M. Ngo, M. Stoelinga, M. Huisman, Effective verification of confidentiality for multi-threaded programs, J. Comp. Sec. (A special issue) 22, 269 (2014)Google Scholar
  19. 19.
    A.W. Roscoe, CSP and determinism in security modeling, in IEEE Symposium on Security and Privacy (IEEE Computer Society, 1995), p. 114Google Scholar
  20. 20.
    A. Sabelfeld, A. Myers, Language-based information flow security, IEEE Journal on Selected Areas in Communications 21, 5 (2003)CrossRefGoogle Scholar
  21. 21.
    A. Sabelfeld, D. Sands, Probabilistic noninterference for multi-threaded programs, in Proceedings of the 13th IEEE workshop on Computer Security Foundations, CSFW’00 (IEEE Computer Society, 2000), p. 200Google Scholar
  22. 22.
    G. Smith, Probabilistic noninterference through weak probabilistic bisimulation, in Proceedings of the 16th IEEE workshop on Computer Security Foundations, CSFW’03 (IEEE Computer Society, 2000)Google Scholar
  23. 23.
    G. Smith, Principles of secure information flow analysis, in Malware Detection (Springer-Verlag, 2007), p. 297Google Scholar
  24. 24.
    G. Smith, On the foundations of quantitative information flow, in Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures, FOSSACS’09 (Springer-Verlag, 2009), p. 288Google Scholar
  25. 25.
    T. Terauchi, A type system for observational determinism, in Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium, CSF’08 (IEEE Computer Society, 2008), p. 287Google Scholar
  26. 26.
    D. Volpano, C. Irvine, G. Smith, A sound type system for secure flow analysis, J. Comp. Sec. 4, 167 (1996)Google Scholar
  27. 27.
    D. Volpano, G. Smith, Probabilistic noninterference in a concurrent language, J. Comp. Sec. 7, 231 (1999)Google Scholar
  28. 28.
    S. Zdancewic, A.C. Myers, Observational determinism for concurrent program security, in Proceedings of 16th IEEE Computer Security Foundations Workshop, CSFW’03 (IEEE Computer Society, 2003), p. 29Google Scholar
  29. 29.
    J. Zhu, M. Srivatsa, Quantifying information leakage in finite order deterministic programs, arXiv:1009.3951v1 (2010)
  30. 30.
    J. Zhu, M. Srivatsa, Poster: on quantitative information flow metrics, in Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS’11 (ACM, 2011), p. 877Google Scholar
  31. 31.
    Y. Zhu, R. Bettati, Anonymity vs. information leakage in anonymity systems, in Proceedings of the 25th IEEE International Conference on Distributed Computing Systems, ICDCS’05 (IEEE Computer Society, 2005), p. 514Google Scholar

Copyright information

© EDP Sciences and Springer 2017

Authors and Affiliations

  1. 1.The University of Danang, University of Science and TechnologyDanangVietnam
  2. 2.The University of TwenteEnschedeThe Netherlands

Personalised recommendations