Abstract
This paper focuses on tracking information flow in the presence of delayed output. We motivate the need to address delayed output in the domains of IoT apps and email marketing. We discuss the threat of privacy leaks via delayed output in code published by malicious app makers on popular IoT app platforms. We discuss the threat of privacy leaks via delayed output in non-malicious code on popular platforms for email-driven marketing. We present security characterizations of projected noninterference and projected weak secrecy to capture information flows in the presence of delayed output in malicious and non-malicious code, respectively. We develop two security type systems: for information flow control in potentially malicious code and for taint tracking in non-malicious code, engaging read and write security types to soundly enforce projected noninterference and projected weak secrecy.
Acknowledgements
This work was partially supported by the Wallenberg AI, Autonomous Systems and Software Program (WASP) funded by the Knut and Alice Wallenberg Foundation. It was also partly funded by the Swedish Foundation for Strategic Research (SSF) and the Swedish Research Council (VR).
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Bastys, I., Piessens, F., Sabelfeld, A. (2018). Tracking Information Flow via Delayed Output. In: Gruschka, N. (eds) Secure IT Systems. NordSec 2018. Lecture Notes in Computer Science, vol 11252. Springer, Cham. https://doi.org/10.1007/978-3-030-03638-6_2
DOI: https://doi.org/10.1007/978-3-030-03638-6_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-03637-9
Online ISBN: 978-3-030-03638-6
eBook Packages: Computer Science (R0)