Information Flow Is Linear Refinement of Constancy
Detecting information flows inside a program is useful for checking non-interference between program variables, an important aspect of software security. Information flows have previously been computed by abstract interpretation over an abstract domain IF whose elements are sets of flows. In this paper we reconstruct IF as the linear refinement C → C of a basic domain C expressing constancy of program variables. This matters because we also show that C → C, and hence IF, is closed w.r.t. linear refinement, and is therefore optimal and condensing. Consequently, a compositional, input-independent static analysis over IF has the same precision as a non-compositional, input-driven analysis. Moreover, we show that C → C has a natural representation in terms of Boolean formulas, efficiently implementable through binary decision diagrams.
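As an added illustration, not the paper's own code, here is a minimal Python model of the construction: an element of C → C is stored as definite Boolean implications "inputs constant ⇒ output constant", the compositional summary is composed and joined statement by statement, and it is checked against an input-driven analysis over C on every input, which is the condensing property the abstract claims. The dependency-map representation, the toy statement tuples and the implicit-flow rule for `if` are assumptions of this example.

```python
# Added example (not the paper's code). An element of the refined domain C -> C is
# kept as a dependency map deps[y] = inputs y needs, i.e. the Boolean formula
#   AND_y ( AND_{x in deps[y]} x -> y' )  "y is constant after, if deps[y] were before",
# so the IF flow set is {(x, y) | x in deps[y]}. Statements are constructed tuples:
# ("assign", target, vars_read) and ("if", guard_vars, then_block, else_block).
from itertools import combinations

def identity(vs):
    return {v: frozenset({v}) for v in vs}

def compose(first, second):                      # summary of s1; s2
    return {y: frozenset().union(*(first[x] for x in xs)) for y, xs in second.items()}

def join(a, b):                                  # lub in IF: union of flows
    return {y: a[y] | b[y] for y in a}

def writes(stmts):                               # variables assigned in a block
    return {s[1] for s in stmts if s[0] == "assign"} | set().union(
        *(writes(s[2]) | writes(s[3]) for s in stmts if s[0] == "if"))

def analyse(stmts, vs):
    """Compositional, input-independent analysis: one C -> C summary per block."""
    summary = identity(vs)
    for s in stmts:
        if s[0] == "assign":
            step = identity(vs); step[s[1]] = s[2]
        else:
            step = join(analyse(s[2], vs), analyse(s[3], vs))
            for y in writes(s[2]) | writes(s[3]):
                step[y] |= s[1]                  # implicit flow from the guard
        summary = compose(summary, step)
    return summary

def run(stmts, const):
    """Non-compositional, input-driven analysis over the base domain C."""
    const = set(const)
    for s in stmts:
        if s[0] == "assign":
            stays = s[2] <= const; const.discard(s[1])
            if stays: const.add(s[1])
        else:
            const = run(s[2], const) & run(s[3], const)
            if not s[1] <= const:                # non-constant guard taints branch writes
                const -= writes(s[2]) | writes(s[3])
    return const

def leaks(summary, high, low):
    """Non-interference check: flows from a high input into a low output."""
    return {(x, y) for y in low for x in summary[y] if x in high}

def condensing(stmts, vs):
    """Summary instantiated on any input equals re-running the analysis on it."""
    summary = analyse(stmts, vs)
    return all(run(stmts, c) == {y for y, xs in summary.items() if xs <= c}
               for n in range(len(vs) + 1) for c in map(set, combinations(vs, n)))
# Constructed sample: h is secret; both branches of `if h` assign l := k.
PROG = [("if", frozenset({"h"}), [("assign", "l", frozenset({"k"}))],
                                 [("assign", "l", frozenset({"k"}))]),
        ("assign", "k", frozenset({"k"}))]
VARS = ("h", "k", "l")
```

The summary reports the implicit flow h → l even though no branch reads h directly, and `condensing` holds for all eight constancy assignments of the three variables.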
Keywords: Logic Program, Complete Lattice, Abstract Interpretation, Program Variable, Boolean Formula