Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Formal Aspects in Security and Trust

FAST 2008: Formal Aspects in Security and Trust pp 316–330Cite as

Access Control and Information Flow in Transactional Memory

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5491))

Abstract

The paper considers the addition of access control to a number of transactional memory implementations, and studies its impact on the information flow security of such systems. Even after the imposition of access control, the Unbounded Transactional Memory due to Ananian et al, and most instances of a general scheme for transactional conflict detection and arbitration due to Scott, are shown to be insecure. This result applies even for a very simple policy prohibiting information flow from a high to a low security domain. The source of the insecurity is identified as the ability of agents to cause aborts of other agents’ transactions. A generic implementation is defined, parameterized by a “may-abort” relation that defines which agents may cause aborts of other agents’ transactions. This implementation is shown to be secure with respect to an intransitive information flow policy consistent with the access control table and “may-abort” relation. Using this result, Transactional Memory Coherence and Consistency, an implementation due to Hammond et al, is shown to be secure with respect to intransitive information flow policies. Moreover, it is shown how to modify Scott’s arbitration policies using the may-abort relation, yielding a class of secure implementations closely related to Scott’s scheme.

The research of the first and third co-authors was sponsored in part by ONR grant N00014-99-1-0131 and NSF Award CNS-0420477. The work of the second author was supported by ARC Discovery grant DP0451529.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Alves-Foss, J., Harrison, W.S., Oman, P., Taylor, C.: The MILS architecture for high-assurance embedded systems. International Journal of Embedded Systems 2(3/4), 239–247 (2006)

    Article  Google Scholar 

  2. Ananian, C.S., Asanovic, K., Kuszmaul, B.C., Leiserson, C.E., Lie, S.: Unbounded transactional memory. In: Proceedings of the Eleventh International Symposium on High-Performance Computer Architecture, pp. 316–327 (February 2005)

    Google Scholar 

  3. Atluri, V., Jajodia, S., George, B.: Multi-level secure transaction processing. Kluwer, Dordrecht (2000)

    Book  Google Scholar 

  4. Cohen, A., O’Leary, J.W., Pnueli, A., Tuttle, M.R., Zuck, L.D.: Verifying correctness of transactional memories. In: Proceedings of FMCAD 2007 (November 2007)

    Google Scholar 

  5. Downing, A.R., Greenberg, T.F., Lunt, T.F.: Issues in distributed database security. In: Proceedings of Fifth Annual Computer Security Applications Conference, pp. 196–203 (December 1989)

    Google Scholar 

  6. Goguen, J.A., Meseguer, J.: Security policies and security models. In: Proc. IEEE Symp. on Security and Privacy, Oakland, pp. 11–20 (1982)

    Google Scholar 

  7. Haigh, J.T., Young, W.D.: Extending the noninterference version of MLS for SAT. IEEE Trans. on Software Engineering SE-13(2), 141–150 (1987)

    Article  Google Scholar 

  8. Hammond, L., Wong, V., Chen, M., Carlstrom, B.D., Davis, J.D., Hertzberg, B., Prabhu, M.K., Wijaya, H., Kozyrakis, C., Olukotun, K.: Transactional memory coherence and consistency. In: Proceedings of the 31st Annual International Symposium on Computer Architecture, p. 102. IEEE Computer Society, Los Alamitos (2004)

    Google Scholar 

  9. Herlihy, M., Luchangco, V., Moir, M., Scherer III, W.N.: Software transactional memory for dynamic-sized data structures. In: PODC 2003: Proceedings of the twenty-second annual symposium on Principles of distributed computing, pp. 92–101. ACM Press, New York (2003)

    Chapter  Google Scholar 

  10. Keefe, T.K., Tsai, W.T., Srivastava, J.: Database concurrency control in multilevel secure database management systems. IEEE Trans. Knowledge and Data Engineering 5(6), 1039–1055 (1993)

    Article  Google Scholar 

  11. Larus, J.R., Rajwar, R.: Transactional Memory. Morgan & Claypool Publishers, San Francisco (2007)

    Google Scholar 

  12. van der Meyden, R.: What, indeed, is intransitive noninterference? In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 235–250. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  13. Proctor, N.E., Neumann, P.G.: Architectural implications of covert channels. In: Proc. 15th National Computer Security Conference, pp. 28–43 (1992)

    Google Scholar 

  14. Rushby, J.M., Randell, R.: A distributed secure system. IEEE Computer 16(7), 55–67 (1983)

    Article  Google Scholar 

  15. Rushby, J.: Noninterference, transitivity, and channel-control security policies. Technical report, SRI international (December 1992)

    Google Scholar 

  16. Scott, M.L.: Sequential specification of transactional memory semantics. In: Proc. TRANSACT the First ACM SIGPLAN Workshop on Languages, Compiler, and Hardware Suppport for Transactional Computing, Ottawa (2006)

    Google Scholar 

  17. Vanfleet, W.M., Beckworth, R.W., Calloni, B., Luke, J.A., Taylor, C., Uchenick, G.: MILS: architecture for high assurance embedded computing. Crosstalk: The Journal of Defence Engineering, 12–16 (August 2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. New York University, USA

    Ariel Cohen

  2. University of New South Wales, Australia

    Ron van der Meyden

  3. University of Illinois at Chicago, USA

    Lenore D. Zuck

Authors
  1. Ariel Cohen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ron van der Meyden
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Lenore D. Zuck
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dipartimento di Informatica, Università di Pisa, Largo Bruno, Pontecorvo, 3, 56127, Pisa, Italy

    Pierpaolo Degano

  2. The MITRE Corporation, 202 Burlington Rd, MS S128, MA 01730, Bedford, USA

    Joshua Guttman

  3. Istituto di Informatica e Telematica - IIT Consiglio Nazionale delle Ricerche, C.N.R., Pisa Research Area, Via. G. Moruzzi 1, 56125, Pisa, Italy

    Fabio Martinelli

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Cohen, A., van der Meyden, R., Zuck, L.D. (2009). Access Control and Information Flow in Transactional Memory. In: Degano, P., Guttman, J., Martinelli, F. (eds) Formal Aspects in Security and Trust. FAST 2008. Lecture Notes in Computer Science, vol 5491. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01465-9_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-01465-9_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-01464-2

  • Online ISBN: 978-3-642-01465-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation