Advertisement

Abstract

We investigate the issue of typing confidentiality in a language-based information-flow security approach, aiming at improving some previously proposed type systems, especially for higher-order languages with mutable state à la ML. We show that the typing of termination leaks can be largely improved, by particularizing the case where the alternatives in a conditional branching both terminate. Moreover, we also provide a quite precise way of approximating the confidentiality level of an expression, that ignores the level of values used for side-effects only.

Keywords

Type System Memory Location Security Level Transition Relation Operational Semantic 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Almeida Matos, A., Boudol, G.: On declassification and the non-disclosure policy. To appear in the proceedings of the 18th IEEE Computer Security Foundations Workshop (2005)Google Scholar
  2. 2.
    Boudol, G., Castellani, I.: Non-interference for concurrent programs and thread systems. Theoretical Comput. Sci. 281(1), 109–130 (2002)zbMATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Cohen, E.: Information transmission in computational systems. In: 6th ACM Symp. on Operating Systems Principles, pp. 133–139 (1977)Google Scholar
  4. 4.
    Crary, K., Kliger, A., Pfenning, F.: A monadic analysis of information flow security with mutable state. J. of Functional Programming 15(2), 249–291 (2005)zbMATHCrossRefMathSciNetGoogle Scholar
  5. 5.
    Denning, D.E.: A lattice model of secure information flow. CACM 19(5), 236–243 (1976)zbMATHMathSciNetGoogle Scholar
  6. 6.
    Goguen, J.A., Meseguer, J.: Security policies and security models. In: IEEE Symp. on Security and Privacy, pp. 11–20 (1982)Google Scholar
  7. 7.
    Heintze, N., Riecke, J.: The SLam calculus: programming with secrecy and integrity. In: POPL 1998, pp. 365–377 (1998)Google Scholar
  8. 8.
    Landin, P.J.: The mechanical evaluation of expressions. Computer Journal 6, 308–320 (1964)zbMATHGoogle Scholar
  9. 9.
    Lucassen, J.M., Gifford, D.K.: Polymorphic effect systems. In: POPL 1988, pp. 47–57 (1988)Google Scholar
  10. 10.
    Myers, A.: JFlow: practical mostly-static information flow control. In: POPL 1999 (1999)Google Scholar
  11. 11.
    Pottier, F., Simonet, V.: Information flow inference for ML. ACM TOPLAS 25(1), 117–158 (2003)CrossRefGoogle Scholar
  12. 12.
    Sabelfeld, A., Myers, A.C.: Language-based information-flow security. IEEE J. on Selected Areas in Communications 21(1), 5–19 (2003)CrossRefGoogle Scholar
  13. 13.
    Sabelfeld, A., Sands, D.: Probabilistic noninterference for multi-threaded programs. In: CSFW 2000 (2000)Google Scholar
  14. 14.
    Sabelfeld, A., Sands, D.: Dimensions and principles of declassification. In: Proceedings of the 18th IEEE Computer Security Foundations Workshop (2005)Google Scholar
  15. 15.
    Smith, G.: A new type system for secure information flow. In: CSFW 2001 (2001)Google Scholar
  16. 16.
    Smith, G., Volpano, D.: Secure information flow in a multi-threaded imperative language. In: POPL 1998 (1998)Google Scholar
  17. 17.
    Volpano, D., Smith, G.: Eliminating covert flows with minimum typings. In: CSFW 1997, pp. 156–168 (1997)Google Scholar
  18. 18.
    Volpano, D., Smith, G., Irvine, C.: A sound type system for secure flow analysis. J. of Computer Security 4(3), 167–187 (1996)Google Scholar
  19. 19.
    Zdancewic, S.: Programming Languages for Information Security, PhD Thesis, Cornell University (2002)Google Scholar
  20. 20.
    Zdancewic, S.: Challenges for information-flow security. In: PLID 2004 (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Gérard Boudol
    • 1
  1. 1.INRIA Sophia Antipolis 

Personalised recommendations