Program progress (or termination) is a covert channel that may leak sensitive information. To control information leakage on this channel, semantic definitions of security should be progress sensitive and enforcement mechanisms should restrict the channel's capacity. However, most state-of-the-art language-based information-flow mechanisms are progress insensitive---allowing arbitrary information leakage through this channel---and current progress-sensitive enforcement techniques are overly restrictive. We propose a type system and instrumented semantics that together enforce progress-sensitive security more precisely than existing approaches. Our system is permissive in that it is able to accept programs in which the termination behavior depends only on low-security (e.g., public or trusted) information. Our system is parameterized on a termination oracle, and controls the progress channel precisely, modulo the ability of the oracle to determine the termination behavior of a program based on low-security information. We have instantiated the oracle for a simple imperative language with a logical abstract interpretation that uses an SMT solver to synthesize linear rank functions. In addition, we extend the system to permit controlled leakage through the progress channel, with the leakage bound by an explicit budget. We empirically analyze progress channels in existing Jif code. Our evaluation suggests that security-critical programs appear to satisfy progress-sensitive security.