Information flow analysis for a typed assembly language with polymorphic stacks

  • Authors:
  • Eduardo Bonelli;Adriana Compagnoni;Ricardo Medel

  • Affiliations:
  • LIFIA, Fac. de Informática, Univ. Nac. de La Plata, Argentina;Stevens Institute of Technology, Hoboken, NJ;Stevens Institute of Technology, Hoboken, NJ

  • Venue:
  • CASSIS'05 Proceedings of the Second international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
  • Year:
  • 2005

Quantified Score

Hi-index 0.00

Visualization

Abstract

We study secure information flow in a stack based Typed Assembly Language (TAL). We define a TAL with an execution stack and establish the soundness of its type system by proving non-interference. One of the problems of studying information flow for a low-level language is the absence of high-level control flow constructs that guide information flow analysis in high-level languages. Furthermore, in the presence of an execution stack, code that frees space on the stack must be constrained in order to avoid illegal flows. Finally, in the presence of stack polymorphism, we must ensure that type variables are instantiated without observable differences. These issues are addressed by introducing junction points into the type system, ensuring that they behave as ordered linear continuations, and that they interact safely with the execution stack. We also discuss several limitations of our approach and point out some remaining open issues.