Compositional information flow security for concurrent programs

Authors:
Annalisa Bossi;Carla Piazza;Sabina Rossi
Affiliations:
Dipartimento di Informatica, Università Ca' Foscari di Venezia, via Torino 155, 30172 Venezia, Italy E-mail: bossi,srossi@dsi.unive.it;Dipartimento di Matematica ed Informatica, Università di Udine, via Le Scienze 206, 33100 Udine, Italy E-mail: piazza@dimi.uniud.it;(Correspd.) Dipartimento di Informatica, Università Ca' Foscari di Venezia, via Torino 155, 30172 Venezia, Italy E-mail: bossi,srossi@dsi.unive.it
Venue:
Journal of Computer Security
Year:
2007

Citing 32
Cited 4

Complexity of deciding Tarski algebra

Journal of Symbolic Computation
Bisimulation through probabilistic testing (preliminary report)

POPL '89 Proceedings of the 16th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Partial Cylindrical Algebraic Decomposition for quantifier elimination

Journal of Symbolic Computation
On the computational complexity and geometry of the first-order theory of the reals. Part III: quantifier elimination

Journal of Symbolic Computation
The formal semantics of programming languages: an introduction

The formal semantics of programming languages: an introduction
Secure information flow in a multi-threaded imperative language

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JFlow: practical mostly-static information flow control

Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Transforming out timing leaks

Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Verifying secrets and relative secrecy

Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Probabilistic noninterference in a concurrent language

Journal of Computer Security
Certification of programs for secure information flow

Communications of the ACM
Protecting privacy using the decentralized label model

ACM Transactions on Software Engineering and Methodology (TOSEM)
Process algebra and non-interference

Journal of Computer Security
Communication and Concurrency

Communication and Concurrency
Noninterference for concurrent programs and thread systems

Theoretical Computer Science
A Per Model of Secure Information Flow in Sequential Programs

Higher-Order and Symbolic Computation
Classification of Security Properties (Part I: Information Flow)

FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Hauptvortrag: Quantifier elimination for real closed fields by cylindrical algebraic decomposition

Proceedings of the 2nd GI Conference on Automata Theory and Formal Languages
A Type-Based Approach to Program Security

TAPSOFT '97 Proceedings of the 7th International Joint Conference CAAP/FASE on Theory and Practice of Software Development
Unwinding Possibilistic Security Properties

ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
Securing Communication in a Concurrent Language

SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Secure Introduction of One-Way Functions

CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Probabilistic Noninterference for Multi-Threaded Programs

CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
A New Type System for Secure Information Flow

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Robust Declassification

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Secure Information Flow by Self-Composition

CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Enforcing Robust Declassification

CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Downgrading policies and relaxed noninterference

Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Dimensions and Principles of Declassification

CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Decidability and proof systems for language-based noninterference relations

Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Verifying persistent security properties

Computer Languages, Systems and Structures
Language-based information-flow security

IEEE Journal on Selected Areas in Communications

Integration of a security type system into a program logic

Theoretical Computer Science
Causality and Accountability

Formal Aspects in Security and Trust
Declassification with explicit reference points

ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Scheduler-Independent declassification

MPC'12 Proceedings of the 11th international conference on Mathematics of Program Construction

Quantified Score

Hi-index	0.02

Visualization

Abstract

We present a general unwinding framework for the definition of information flow security properties of concurrent programs, described in a simple imperative language enriched with parallelism and atomic statement constructors. We study different classes of programs obtained by instantiating the general framework and we prove that they entail the noninterference principle. Accurate proof techniques for the verification of such properties are defined by exploiting the Tarski decidability result for first-order formulae over the reals. Moreover, we illustrate how the unwinding framework can be instantiated in order to deal with intentional information release and we extend our verification techniques to the analysis of security properties of programs admitting downgrading.