We present a probability-sensitive confidentiality specification -- a form of probabilistic noninterference -- for a small multi-threaded programming language with dynamic thread creation. Probabilistic covert channels arise from the scheduler, which is itself probabilistic. Since scheduling policy is typically outside the language specification for multi-threaded languages, we describe how to generalize the security condition in order to define robust security with respect to a wide class of schedulers, not excluding the possibility of deterministic (e.g., round-robin) schedulers and program-controlled thread priorities. The formulation is based on an adaptation of Larsen and Skou's notion of probabilistic bisimulation. We show how the security condition satisfies compositionality properties, which facilitate straightforward proofs of correctness for, e.g., security type systems. We illustrate this by defining a security type system, which improves on previous multi-threaded systems, and by proving it correct with respect to our stronger scheduler-independent security condition.