Concrete and Abstract Semantics to Check Secure Information Flow in Concurrent Programs

Authors:
Cinzia Bernardeschi;Nicoletta De Francesco;Giuseppe Lettieri
Affiliations:
Dipartimento di Ingegneria della Informazione, Università di Pisa, Italy;Dipartimento di Ingegneria della Informazione, Università di Pisa, Italy;Dipartimento di Ingegneria della Informazione, Università di Pisa, Italy
Venue:
Fundamenta Informaticae - Concurrency Specification and Programming (CS&P 2003)
Year:
2004

Citing 17
Cited 0

Communicating sequential processes

Communicating sequential processes
Abstract interpretation: a semantics-based tool for program analysis

Handbook of logic in computer science (vol. 4)
Secure information flow in a multi-threaded imperative language

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The SLam calculus: programming with secrecy and integrity

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A core calculus of dependency

Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A semantic approach to secure information flow

Science of Computer Programming - Special issue on mathematics of program construction
A sound type system for secure flow analysis

Journal of Computer Security
An Axiomatic Approach to Information Flow in Programs

ACM Transactions on Programming Languages and Systems (TOPLAS)
Certification of programs for secure information flow

Communications of the ACM
An overview of methods for dependence analysis of concurrent programs

ACM SIGPLAN Notices
Abstract interpretation of operational semantics for secure information flow

Information Processing Letters
A Per Model of Secure Information Flow in Sequential Programs

ESOP '99 Proceedings of the 8th European Symposium on Programming Languages and Systems
Compile-Time Detection of Information Flow in Sequential Programs

ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
The Impact of Synchronisation on Secure Information Flow in Concurrent Programs

PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
A New Type System for Secure Information Flow

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Language-based information-flow security

IEEE Journal on Selected Areas in Communications
Abstract Interpretation and Model Checking for Checking Secure Information Flow in Concurrent Systems

Fundamenta Informaticae - Concurrency Specification and Programming (CS&P'2002), Part 1

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents a technique for verifying secure information flow in concurrent programs consisting of a number of independently executing sequential processes with private memory. Communications between processes are synchronous. Moreover, processes are open systems that can accept inputs from the environment and produce outputs towards the environment. The technique is based on an abstract interpretation. First we define a concrete instrumented semantics where each value is annotated with the security level of the information on which it depends. Then we define an abstract semantics of the language that abstracts from actual data and maintains only the annotations on the security level.