Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Probabilistic noninterference in a concurrent language
Journal of Computer Security
A sound type system for secure flow analysis
Journal of Computer Security
Noninterference for concurrent programs and thread systems
Theoretical Computer Science
A Per Model of Secure Information Flow in Sequential Programs
ESOP '99 Proceedings of the 8th European Symposium on Programming Languages and Systems
Non-Interference Through Determinism
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
The Impact of Synchronisation on Secure Information Flow in Concurrent Programs
PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
Probabilistic Noninterference for Multi-Threaded Programs
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
A New Type System for Secure Information Flow
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
CSP and determinism in security modelling
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
A unifying approach to the security of distributed and multi-threaded programs
Journal of Computer Security - Special issue on CSFW14
Secure Information Flow by Self-Composition
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
A Temporal Logic Characterisation of Oservational Determinism
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Securing Interaction between Threads and the Scheduler
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Transformational typing and unification for automatically correcting insecure programs
International Journal of Information Security
Information Flow in Systems with Schedulers
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Combining different proof techniques for verifying information flow security
LOPSTR'06 Proceedings of the 16th international conference on Logic-based program synthesis and transformation
Security for multithreaded programs under cooperative scheduling
PSI'06 Proceedings of the 6th international Andrei Ershov memorial conference on Perspectives of systems informatics
Controlling the what and where of declassification in language-based security
ESOP'07 Proceedings of the 16th European conference on Programming
Closing internal timing channels by transformation
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Declassification with explicit reference points
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Bridging language-based and process calculi security
FOSSACS'05 Proceedings of the 8th international conference on Foundations of Software Science and Computation Structures
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Making random choices invisible to the scheduler
CONCUR'07 Proceedings of the 18th international conference on Concurrency Theory
Security of multithreaded programs by compilation
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Scheduler-Independent declassification
MPC'12 Proceedings of the 11th international conference on Mathematics of Program Construction
Towards a practical secure concurrent language
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
Information flow in systems with schedulers, Part I: Definitions
Theoretical Computer Science
Proving concurrent noninterference
CPP'12 Proceedings of the Second international conference on Certified Programs and Proofs
The confinement problem in the presence of faults
ICFEM'12 Proceedings of the 14th international conference on Formal Engineering Methods: formal methods and software engineering
Confidentiality for probabilistic multi-threaded programs and its verification
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Effective verification of confidentiality for multi-threaded programs
Journal of Computer Security - Foundational Aspects of Security
Hi-index | 0.00 |
We propose an approach to certify the information flow security of multi-threaded programs independently from the scheduling algorithm. A scheduler-independent verification is desirable because the scheduler is part of the runtime environment and, hence, usually not known when a program is analyzed. Unlike for other system properties, it is not straightforward to achieve scheduler independence when verifying information flow security, and the existing independence results are very restrictive. In this article, we show how some of these restrictions can be overcome. The key insight in our development of a novel scheduler-independent information flow property was the identification of a suitable class of schedulers that covers the most relevant schedulers. The contributions of this article include a novel security property, a scheduler independence result, and a provably sound program analysis.