Confidentiality of Interactions in Concurrent Object-Oriented Systems

  • Olaf OweEmail author
  • Toktam Ramezanifarkhani
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10436)


We consider a general concurrency model for distributed systems, based on concurrent objects communicating by asynchronous methods. This model is suitable for modeling of modern service-oriented systems, and gives rise to efficient interaction avoiding active waiting and low-level synchronization primitives such as explicit signaling and lock operations. This concurrency model has a simple semantics and allows us to focus on information flow at a high level of abstraction, and allows realistic analysis by avoiding unnecessary restrictions on information flow between confidential and non-confidential data. We formalize our approach by introducing a high-level language for this concurrency model, and we provide a secrecy-type system to capture inter-object communication. We prove soundness based on an operational semantics, which includes runtime secrecy levels.


Concurrent objects Asynchronous methods Communication patterns Information flow Secrecy Confidentiality Distributed systems Inter-object leakage 


  1. 1.
    Askarov, A., Hunt, S., Sabelfeld, A., Sands, D.: Termination-insensitive noninterference leaks more than just a bit. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 333–348. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-88313-5_22CrossRefGoogle Scholar
  2. 2.
    Banerjee, A., Naumann, D.A.: Stack-based access control and secure information flow. J. Funct. Program. 15(02), 131–177 (2005)MathSciNetCrossRefzbMATHGoogle Scholar
  3. 3.
    Barthe, G., Rezk, T., Russo, A., Sabelfeld, A.: Security of multithreaded programs by compilation. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 2–18. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-74835-9_2CrossRefGoogle Scholar
  4. 4.
    D. Devriese and F. Piessens. Noninterference through secure multi-execution. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 109–124. IEEE (2010)Google Scholar
  5. 5.
    Din, C.C., Dovland, J., Johnsen, E.B., Owe, O.: Observable behavior of distributed systems: component reasoning for concurrent objects. J. Logic Algebr. Program. 81(3), 227–256 (2012)MathSciNetCrossRefzbMATHGoogle Scholar
  6. 6.
    Erlingsson, U.: The inlined reference monitor approach to security policy enforcement. Ph.D. thesis, Cornell University, Ithaca, NY, USA (2004). AAI3114521Google Scholar
  7. 7.
    Goguen, J.A., Meseguer, J.: Unwinding and inference control. In: IEEE Symposium on Security and Privacy, p. 75 (1984)Google Scholar
  8. 8.
    Heintze, N., Riecke, J.G.: The SLAM calculus: programming with secrecy and integrity. In: Proceedings of POPL 1998, pp. 365–377. ACM (1998)Google Scholar
  9. 9.
    Hodges, S.J., Jones, C.B.: Non-interference properties of a concurrent object-based language: proofs based on operational semantics. In: Freitag, B., Jones, C.B., Lengauer, C., Schek, H.J. (eds.) Object Orientation with Parallelism and Persistence, pp. 1–22. Springer, Boston (1996). doi: 10.1007/978-1-4613-1437-0_1CrossRefGoogle Scholar
  10. 10.
    Kammüller, F.: A semi-lattice model for multi-lateral security. In: Di Pietro, R., Herranz, J., Damiani, E., State, R. (eds.) DPM/SETOP -2012. LNCS, vol. 7731, pp. 118–132. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-35890-6_9CrossRefGoogle Scholar
  11. 11.
    Kammüller, F.: Confinement for active objects. Int. J. Adv. Comput. Sci. Appl. (IJACSA) 6(2), 246–260 (2015)Google Scholar
  12. 12.
    Johnsen, E.B., Owe, O.: An asynchronous communication model for distributed concurrent objects. Softw. Syst. Model. 6(1), 35–58 (2007)CrossRefGoogle Scholar
  13. 13.
    Johnsen, E.B., Owe, O., Creol, I.C.Y.: A type-safe object-oriented model for distributed concurrent systems. Theor. Comput. Sci. 365(1–2), 23–66 (2006)MathSciNetCrossRefzbMATHGoogle Scholar
  14. 14.
    Johnsen, E.B., Hähnle, R., Schäfer, J., Schlatte, R., Steffen, M.: ABS: a core language for abstract behavioral specification. In: Aichernig, B.K., de Boer, F.S., Bonsangue, M.M. (eds.) FMCO 2010. LNCS, vol. 6957, pp. 142–164. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-25271-6_8CrossRefGoogle Scholar
  15. 15.
    Nielson, F., Nielson, H.-R., Hankin, C.L.: Principles of Program Analysis. Springer, Heidelberg (1999). doi: 10.1007/978-3-662-03811-6CrossRefzbMATHGoogle Scholar
  16. 16.
    Owe, O., Ramezanifarkhani, T.: Static enforcement of confidentiality of interactions in concurrent object-oriented systems. Technical report, Department of Informatics, University of Oslo, Norway (2017). An extended version of this paper.
  17. 17.
    Ramezanifarkhani, T., Owe, O., Tokas, S.: A secrecy-preserving language for distributed and object-oriented systems, March 2017 (submitted)Google Scholar
  18. 18.
    Sabelfeld, A., Mantel, H.: Static confidentiality enforcement for distributed programs. In: Hermenegildo, M.V., Puebla, G. (eds.) SAS 2002. LNCS, vol. 2477, pp. 376–394. Springer, Heidelberg (2002). doi: 10.1007/3-540-45789-5_27CrossRefzbMATHGoogle Scholar
  19. 19.
    Sabelfeld, A., Myers, A.C.: Language-based information flow security. IEEE J. Sel. Areas Commun. 21, 5–19 (2003)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Department of InformaticsUniversity of OsloOsloNorway

Personalised recommendations