Advertisement

A Principled Approach to Tracking Information Flow in the Presence of Libraries

  • Daniel Hedin
  • Alexander SjöstenEmail author
  • Frank Piessens
  • Andrei Sabelfeld
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10204)

Abstract

There has been encouraging progress on information flow control for programs in increasingly complex programming languages, tracking the propagation of information from input sources to output sinks. Yet, programs are typically deployed in an environment with rich APIs and powerful libraries, posing challenges for information flow control when the code for these APIs and libraries is either unavailable or written in a different language.

This paper presents a principled approach to tracking information flow in the presence of libraries. With the goal to strike the balance between security and precision, we present a framework that explores the middle ground between the “shallow”, signature-based modeling of libraries and the “deep”, stateful approach, where library models need to be supplied manually. We formalize our approach for a core language, extend it with lists and higher-order functions, and establish soundness results with respect to the security condition of noninterference.

Keywords

Policy Language Library Model Library Function Label Semantic Core Language 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Notes

Acknowledgments

This work was partly funded by the European Community under the ProSecuToR project and the Swedish research agency VR.

References

  1. 1.
    Austin, T.H., Flanagan, C.: Permissive dynamic information flow analysis. In: PLAS (2010)Google Scholar
  2. 2.
    Austin, T.H., Flanagan, C.: Multiple facets for dynamic information flow. In: POPL (2012)Google Scholar
  3. 3.
    Bichhawat, A., Rajani, V., Garg, D., Hammer, C.: Information flow control in WebKit’s JavaScript bytecode. In: Abadi, M., Kremer, S. (eds.) POST 2014. LNCS, vol. 8414, pp. 159–178. Springer, Heidelberg (2014). doi: 10.1007/978-3-642-54792-8_9 CrossRefGoogle Scholar
  4. 4.
    Bielova, N., Rezk, T.: A taxonomy of information flow monitors. In: Piessens, F., Viganò, L. (eds.) POST 2016. LNCS, vol. 9635, pp. 46–67. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-49635-0_3 CrossRefGoogle Scholar
  5. 5.
    Birgisson, A., Russo, A., Sabelfeld, A.: Unifying facets of information integrity. In: Jha, S., Mathuria, A. (eds.) ICISS 2010. LNCS, vol. 6503, pp. 48–65. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-17714-9_5 CrossRefGoogle Scholar
  6. 6.
    Devriese, D., Piessens, F.: Noninterference through secure multi-execution. In: S&P (2010)Google Scholar
  7. 7.
    Dimoulas, C., Findler, R.B., Flanagan, C., Felleisen, M.: Correct blame for contracts: no more scapegoating. In: POPL (2011)Google Scholar
  8. 8.
    Dimoulas, C., New, M.S., Findler, R.B., Felleisen, M.: Oh Lord, please don’t let contracts be misunderstood (functional pearl). In: ICFP (2016)Google Scholar
  9. 9.
    Disney, T., Flanagan, C.: Gradual information flow typing. In: STOP (2011)Google Scholar
  10. 10.
    Fennell, L., Thiemann, P.: Gradual security typing with references. In: CSF (2013)Google Scholar
  11. 11.
    Findler, R.B., Felleisen, M.: Contracts for higher-order functions. In: ICFP (2002)Google Scholar
  12. 12.
    Greenberg, M., Pierce, B.C., Weirich, S.: Contracts made manifest. In: POPL (2010)Google Scholar
  13. 13.
    De Groef, W., Devriese, D., Nikiforakis, N., Piessens, F.: FlowFox: a web browser with flexible and precise information flow control. In: CCS (2012)Google Scholar
  14. 14.
    De Groef, W., Devriese, D., Nikiforakis, N., Piessens, F.: Secure multi-execution of web scripts: theory and practice. J. Comput. Secur. 22(4), 469–509 (2014)CrossRefGoogle Scholar
  15. 15.
    Le Guernic, G.: Confidentiality enforcement using dynamic information flow analyses. PhD thesis, Kansas State University (2007)Google Scholar
  16. 16.
    Hedin, D., Bello, L., Sabelfeld, A.: Information-flow security for JavaScript and its APIs. J. Comput. Secur. (2015)Google Scholar
  17. 17.
    Hedin, D., Birgisson, A., Bello, L., Sabelfeld, A.: JSFlow: tracking information flow in JavaScript and its APIs. In: SAC (2014)Google Scholar
  18. 18.
    Hedin, D., Sabelfeld, A.: Information-flow security for a core of JavaScript. In: CSF (2012)Google Scholar
  19. 19.
    Hedin, D., Sjösten, A., Piessens, F., Sabelfeld, A.: A Principled Approach to Tracking Information Flow in the Presence of Libraries - full version. http://www.cse.chalmers.se/research/group/security/libraries/
  20. 20.
    Kashyap, V., Wiedermann, B., Hardekopf, B.: Timing-, termination-sensitive secure flow, I.: exploring a new approach. In: S&P (2011)Google Scholar
  21. 21.
    King, D., Jaeger, T., Jha, S., Seshia, S.A.: Effective blame for information-flow violations. In: FSE (2008)Google Scholar
  22. 22.
    Liskov, B., Shrira, L.: Promises: linguistic support for efficient asynchronous procedure calls in distributed systems. In: PLDI (1988)Google Scholar
  23. 23.
  24. 24.
    Mozilla Developer Network, Web APIs. https://developer.mozilla.org/en-US/docs/Web/API. Accessed Oct 2016
  25. 25.
    Node.js v6.9.1 Documentation. https://nodejs.org/dist/latest-v6.x/docs/api/. Accessed Oct 2016
  26. 26.
    Node Package Manager. https://www.npmjs.com/. Accessed Oct 2016
  27. 27.
    Oracle, Java Native Interface. https://docs.oracle.com/javase/8/docs/technotes/guides/jni/. Accessed Oct 2016
  28. 28.
    Rafnsson, W., Sabelfeld, A.: Secure multi-execution: fine-grained, declassification-aware, and transparent. In: CSF (2013)Google Scholar
  29. 29.
    Rajani, V., Bichhawat, A., Garg, D., Hammer, C.: Information flow control for event handling and the DOM in web browsers. In: CSF (2015)Google Scholar
  30. 30.
    Rajlich, N.: node-ffi. https://www.npmjs.com/package/node-ffi. Accessed Oct 2016
  31. 31.
    Sabelfeld, A., Myers, A.C.: Language-based information-flow security. IEEE J. Sel. Areas Commun. 21(1), 5–19 (2003)CrossRefGoogle Scholar
  32. 32.
    Siek, J.G., Taha, W.: Gradual typing for functional languages. In: SFP (2006)Google Scholar
  33. 33.
    Siek, J., Taha, W.: Gradual typing for objects. In: Ernst, E. (ed.) ECOOP 2007. LNCS, vol. 4609, pp. 2–27. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-73589-2_2 CrossRefGoogle Scholar
  34. 34.
    Haskell wiki, Foreign Function Interface. https://wiki.haskell.org/Foreign_Function_Interface. Accessed Oct 2016

Copyright information

© Springer-Verlag GmbH Germany 2017

Authors and Affiliations

  • Daniel Hedin
    • 1
    • 2
  • Alexander Sjösten
    • 1
    Email author
  • Frank Piessens
    • 3
  • Andrei Sabelfeld
    • 1
  1. 1.Chalmers University of TechnologyGothenburgSweden
  2. 2.Mälardalen UniversityVästeråsSweden
  3. 3.imec-DistriNetKU LeuvenLeuvenBelgium

Personalised recommendations