A Typed Assembly Language for Confidentiality

  • Dachuan Yu
  • Nayeem Islam
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3924)


Language-based information-flow analysis is promising in protecting data confidentiality. Although much work has been carried out in this area, relatively little has been done for assembly code. Techniques at the source level do not generalize straightforwardly to assembly code, because assembly code does not readily present certain abstractions of program structure that are crucial to information-flow analysis. Nonetheless, low-level information-flow analysis is desirable, because it yields a small trusted computing base. Furthermore, many (untrusted) applications are distributed in native code; their verification should not be overlooked.

We present a simple yet effective solution for this problem. Our observation is that the missing abstraction in assembly code can be restored using annotations. Following the philosophy of certifying compilation, these annotations are generated by a compiler, used for static validation, and erased before execution. In particular, we propose a type system for low-level information-flow analysis. Our system is compatible with Typed Assembly Language, and models key features including a call stack, memory tuples and first-class code pointers. A noninterference theorem articulates that well-typed programs respect confidentiality. We also present a security-type preserving translation that targets our system, together with its soundness theorem. This illustrates the application of certifying compilation for noninterference.
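To make the idea of restoring the missing abstraction with annotations concrete, here is a small security-type checker for a toy annotated assembly. It is an added illustration, not the type system of the paper or any of its code: the instruction set, the two-point lattice, the block annotations (an entry security context plus a register typing) and the memory labels are all constructed for this example. Each block is checked against its own annotation, control transfers are checked against the target's annotation, stores are the only observable effect, and erase() drops the annotations before the code would run.

```python
"""Toy security-type checker for an annotated mini-assembly (added example).

Two-point lattice: 'L' (public) <= 'H' (secret). Each code block carries an
annotation, the security context ('pc') it may be entered under and the levels
of the registers it expects, standing in for the structure plain assembly
lacks. Instruction names, block layouts and memory labels are constructed here.
"""
from dataclasses import dataclass

LEVELS = {"L": 0, "H": 1}


def leq(a, b):
    return LEVELS[a] <= LEVELS[b]


def join(a, b):
    return a if LEVELS[a] >= LEVELS[b] else b


@dataclass
class Block:
    pc: str      # highest security context this block may be entered under
    regs: dict   # register typing assumed on entry, e.g. {"r1": "L"}
    code: list   # instruction tuples, e.g. ("mov", "r1", "r2")


def reg_level(regs, r, where):
    if r not in regs:
        raise ValueError(f"{where}: register {r} read before it has a type")
    return regs[r]


def check_jump(pc, regs, target_name, prog, where):
    """A control transfer is well-typed only if the current context and the
    registers actually held are no more secret than the target's annotation."""
    target = prog[target_name]
    if not leq(pc, target.pc):
        raise ValueError(f"{where}: {target_name} is typed for context "
                         f"{target.pc} but reached under {pc}")
    for r, declared in target.regs.items():
        if not leq(reg_level(regs, r, where), declared):
            raise ValueError(f"{where}: {r} is {regs[r]} but {target_name} expects {declared}")


def check_block(name, blk, prog, mem):
    pc, regs = blk.pc, dict(blk.regs)
    for ins in blk.code:
        op, *args = ins
        if op == "movi":                 # rd := imm; a constant, but tainted by pc
            regs[args[0]] = pc
        elif op == "mov":                # rd := rs
            regs[args[0]] = join(reg_level(regs, args[1], name), pc)
        elif op == "add":                # rd := rs + rt
            regs[args[0]] = join(join(reg_level(regs, args[1], name),
                                      reg_level(regs, args[2], name)), pc)
        elif op == "ld":                 # rd := mem[addr]
            regs[args[0]] = join(mem[args[1]], pc)
        elif op == "st":                 # mem[addr] := rs, the only observable effect
            addr, rs = args
            lvl = join(reg_level(regs, rs, name), pc)
            if not leq(lvl, mem[addr]):
                raise ValueError(f"{name}: {lvl} data stored to {mem[addr]} location {addr}")
        elif op == "bnz":                # branch on rs: both paths now depend on rs
            rs, target = args
            pc = join(pc, reg_level(regs, rs, name))
            check_jump(pc, regs, target, prog, name)
        elif op == "jmp":
            check_jump(pc, regs, args[0], prog, name)
            return
        elif op == "halt":
            return
        else:
            raise ValueError(f"{name}: unknown instruction {op}")
    raise ValueError(f"{name}: block must end in jmp or halt")


def is_secure(prog, mem):
    """Type-check every block; returns (True, '') or (False, reason)."""
    try:
        for name, blk in prog.items():
            check_block(name, blk, prog, mem)
    except ValueError as e:
        return False, str(e)
    return True, ""


def erase(prog):
    """What ships to the machine: the code alone, annotations dropped."""
    return {name: list(blk.code) for name, blk in prog.items()}


MEM = {"secret": "H", "public": "L"}   # constructed memory typing

# Branch on a public value, then publish the result: accepted.
SAFE = {
    "main": Block("L", {}, [("ld", "r1", "public"), ("bnz", "r1", "nz"),
                            ("movi", "r2", 0), ("jmp", "done")]),
    "nz": Block("L", {"r1": "L"}, [("movi", "r2", 1), ("jmp", "done")]),
    "done": Block("L", {"r2": "L"}, [("st", "public", "r2"), ("halt",)]),
}
# Same shape with a secret branch condition: the implicit flow into r2 is
# caught when the raised context tries to re-enter the low block 'done'.
LEAKY = {
    "main": Block("L", {}, [("ld", "r1", "secret"), ("bnz", "r1", "nz"),
                            ("movi", "r2", 0), ("jmp", "done")]),
    "nz": Block("H", {"r1": "H"}, [("movi", "r2", 1), ("jmp", "done")]),
    "done": Block("L", {"r2": "L"}, [("st", "public", "r2"), ("halt",)]),
}
# Direct copy of a secret into a public location: rejected at the store.
EXPLICIT = {"main": Block("L", {}, [("ld", "r1", "secret"),
                                    ("st", "public", "r1"), ("halt",)])}

if __name__ == "__main__":
    for label, prog in [("SAFE", SAFE), ("LEAKY", LEAKY), ("EXPLICIT", EXPLICIT)]:
        print(label, is_secure(prog, MEM))
    print(erase(SAFE)["main"])
```

The branch rule is the deliberately simple part: once a block branches on secret data its context stays high until a jump into a block whose annotation admits that context, so the compiler-supplied block annotations carry exactly the control-dependence information a source-level checker would read off the syntax tree. Within these constructed rules, an accepted program never writes secret-dependent data to a public location.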


Keywords: Security Level, Typing Rule, Assembly Code, Type Construct, Security Context



Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Dachuan Yu (1)
  • Nayeem Islam (1)

  1. DoCoMo Communications Laboratories USA
