Security Typings by Abstract Interpretation

Authors:
Mirko Zanotti
Affiliations:
-
Venue:
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Year:
2002

Citing 10
Cited 8

The formal semantics of programming languages: an introduction

The formal semantics of programming languages: an introduction
Types as abstract interpretations

Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A sound type system for secure flow analysis

Journal of Computer Security
Certification of programs for secure information flow

Communications of the ACM
A lattice model of secure information flow

Communications of the ACM
Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints

POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Systematic design of program analysis frameworks

POPL '79 Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Refining and Compressing Abstract Domains

ICALP '97 Proceedings of the 24th International Colloquium on Automata, Languages and Programming
Secure information flow in computer systems.

Secure information flow in computer systems.
Dynamic protection structures

AFIPS '69 (Fall) Proceedings of the November 18-20, 1969, fall joint computer conference

Statically assuring secrecy for dynamic concurrent processes

Proceedings of the 5th ACM SIGPLAN international conference on Principles and practice of declaritive programming
Abstract non-interference: parameterizing non-interference by abstract interpretation

Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Instruction-level security analysis for information flow in stack-based assembly languages

Information and Computation
Abstract certification of global non-interference in rewriting logic

FMCO'09 Proceedings of the 8th international conference on Formal methods for components and objects
Higher-order abstract non-interference

TLCA'05 Proceedings of the 7th international conference on Typed Lambda Calculi and Applications
Generalized abstract non-interference: abstract secure information-flow analysis for automata

MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Abstract interpretation to check secure information flow in programs with input-output security annotations

FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
Relational abstract interpretation for the verification of 2-hypersafety properties

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Starting from a denotational semantics of imperative programs, the standard collecting semantics is defined as specifying the strongest program property. By successive Galois connection based abstractions, a type system that certifies secure information flows is designed as an abstract semantics approximating the collecting semantics of imperative programs. Security abstract analysis embodies the secure flow conditions of Denning's lattice model (see [6]), giving rise to a type system which is similar to, but strictly more expressive than, the one proposed by Volpano et al. in [10]. This shows that types and type systems for control flow analysis can be viewed as abstract interpretations.