Disjunctive Information Flow for Communicating Processes

  • Ximeng LiEmail author
  • Flemming Nielson
  • Hanne Riis Nielson
  • Xinyu Feng
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9533)


The security validation of practical computer systems calls for the ability to specify and verify information flow policies that are dependent on data content. Such policies play an important role in concurrent, communicating systems: consider a scenario where messages are sent to different processes according to their tagging. We devise a security type system that enforces content-dependent information flow policies in the presence of communication and concurrency. The type system soundly guarantees a compositional noninterference property. All theoretical results have been formally proved in the Coq proof assistant [9].


Type System Variable Policy Concurrent System Typing Rule Atomic Channel 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Amtoft, T., Dodds, J., Zhang, Z., Appel, A., Beringer, L., Hatcliff, J., Ou, X., Cousino, A.: A certificate infrastructure for machine-checked proofs of conditional information flow. In: Degano, P., Guttman, J.D. (eds.) Principles of Security and Trust. LNCS, vol. 7215, pp. 369–389. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  2. 2.
    Apt, K.R.: Ten years of Hoare’s logic: A survey - part 1. ACM Trans. Program. Lang. Syst. 3(4), 431–483 (1981)CrossRefzbMATHGoogle Scholar
  3. 3.
    Austin, T.H., Flanagan, C.: Efficient purely-dynamic information flow analysis. In: PLAS 2009, pp. 113–124 (2009)Google Scholar
  4. 4.
    Besson, F., Bielova, N., Jensen, T.: Hybrid information flow monitoring against web tracking. In: CSF 2013 (2013)Google Scholar
  5. 5.
    Boudol, G., Castellani, I.: Noninterference for concurrent programs and thread systems. Theoret. Comput. Sci. 281(1), 109–130 (2002)CrossRefMathSciNetzbMATHGoogle Scholar
  6. 6.
    Broberg, N., Sands, D.: Paralocks: role-based informationflow control and beyond. In: POPL 2010, pp. 431–444 (2010)Google Scholar
  7. 7.
    Clarkson, M.R., Chong, S., Myers, A.C.: Civitas: Toward a secure voting system. In: S&P 2008, pp. 354–368 (2008)Google Scholar
  8. 8.
    Cohen, E.S.: Information transmission in computational systems. In: SOSP 1977 (1977)Google Scholar
  9. 9.
    The Coq Proof Assistant.
  10. 10.
    Dam, M.: Decidability and proof systems for language-based noninterference relations. In: POPL 2006 (2006)Google Scholar
  11. 11.
    Denning, D.E., Denning, P.J.: Certification of programs for secure information flow. Commun. ACM 20(7), 504–513 (1977)CrossRefzbMATHGoogle Scholar
  12. 12.
    Eggert, S., van der Meyden, R., Schnoor, H., Wilke, T.: The complexity of intransitive noninterference. In: S&P 2011, pp. 196–211 (2011)Google Scholar
  13. 13.
    Fenton, J.S.: Memoryless subsystems. Comput. J. 17(2), 143–147 (1974)CrossRefMathSciNetzbMATHGoogle Scholar
  14. 14.
    Focardi, R., Rossi, S.: Information flow security in dynamic contexts. In: (CSFW 2002), pp. 307–319 (2002)Google Scholar
  15. 15.
    Hedin, D., Birgisson, A., Bello, L., Sabelfeld, A.: JSFlow: tracking information flow in javascript and its APIs. In: SAC 2014, pp. 1663–1671 (2014)Google Scholar
  16. 16.
    Hedin, D., Sabelfeld, A.: A perspective on information-flow control. In: Software Safety and Security - Tools for Analysis and Verification, pp. 319–347 (2012)Google Scholar
  17. 17.
    Jones, C.B.: Development Methods for Computer Programs including a Notion of Interference. Ph.D. thesis, Oxford University, June 1981Google Scholar
  18. 18.
    Jovanovic, N., Kruegel, C., Kirda, E.: Pixy: A static analysis tool for detecting web application vulnerabilities, p. 6 (2006)Google Scholar
  19. 19.
    Kobayashi, N.: Type-based information flow analysis for the pi-calculus. Acta Inf. 42(4–5), 291–347 (2005)CrossRefMathSciNetzbMATHGoogle Scholar
  20. 20.
    Lourenço, L., Caires, L.: Dependent information flow types. In: POPL 2015 (2015)Google Scholar
  21. 21.
    Mantel, H., Sabelfeld, A.: A unifying approach to the security of distributed and multi-threaded programs. J. Comput. Secur. 11(4), 615–676 (2003)Google Scholar
  22. 22.
    Mantel, H., Sudbrock, H.: Flexible scheduler-independent security. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 116–133. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  23. 23.
    Milner, R.: Communication and Concurrency, vol. 84. Prentice hall, Upper Saddle River (1989)zbMATHGoogle Scholar
  24. 24.
    Rafnsson, W., Sabelfeld, A.: Compositional information-flow security for interactive systems. In: CSF 2014, pp. 277–292 (2014)Google Scholar
  25. 25.
    Rushby, J.: Separation and integration in MILS (the MILS constitution). Computer Science Laboratory SRI International, Technical Report (2008)Google Scholar
  26. 26.
    Sabelfeld, A.: Confidentiality for multithreaded programs via bisimulation. In: Broy, M., Zamulin, A.V. (eds.) PSI 2003. LNCS, vol. 2890, pp. 260–274. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  27. 27.
    Sabelfeld, A., Myers, A.C.: Language-based information-flow security. IEEE J. Sel. Areas Commun. 21(1), 5–19 (2003)CrossRefGoogle Scholar
  28. 28.
    Sabelfeld, A., Sands, D.: Probabilistic noninterference for multi-threaded programs. In: CSFW 2000, pp. 200–214 (2000)Google Scholar
  29. 29.
    Smith, G.: Improved typings for probabilistic noninterference in a multi-threaded language. J. Comput. Secur. 14(6), 591–623 (2006)Google Scholar
  30. 30.
    Smith, G., Volpano, D.M.: Secure information flow in a multi-threaded imperative language. In: POPL 1998, pp. 355–364 (1998)Google Scholar
  31. 31.
    van der Meyden, R., Zhang, C.: Information flow in systems with schedulers, part I: definitions. Theor. Comput. Sci. 467, 68–88 (2013)CrossRefMathSciNetzbMATHGoogle Scholar
  32. 32.
    Volpano, D.M., Irvine, C.E., Smith, G.: A sound type system for secure flow analysis. J. Comput. Secur. 4(2/3), 167–188 (1996)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Ximeng Li
    • 1
    Email author
  • Flemming Nielson
    • 1
  • Hanne Riis Nielson
    • 1
  • Xinyu Feng
    • 2
  1. 1.DTU ComputeTechnical University of DenmarkKongens LyngbyDenmark
  2. 2.University of Science and Technology of ChinaHefeiChina

Personalised recommendations