A monadic analysis of information flow security with mutable state

Authors:
Karl Crary;Aleksey Kliger;Frank Pfenning
Affiliations:
Carnegie Mellon University, 5000 Forbes Avenue Pittsburgh, PA 15213 USA (email: crary@cs.cmu.edu, aleksey@cs.cmu.edu, fp@cs.cmu.edu);Carnegie Mellon University, 5000 Forbes Avenue Pittsburgh, PA 15213 USA (email: crary@cs.cmu.edu, aleksey@cs.cmu.edu, fp@cs.cmu.edu);Carnegie Mellon University, 5000 Forbes Avenue Pittsburgh, PA 15213 USA (email: crary@cs.cmu.edu, aleksey@cs.cmu.edu, fp@cs.cmu.edu)
Venue:
Journal of Functional Programming
Year:
2005

Citing 16
Cited 14

Computational lambda-calculus and monads

Proceedings of the Fourth Annual Symposium on Logic in computer science
Notions of computation and monads

Information and Computation
Secure information flow in a multi-threaded imperative language

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The SLam calculus: programming with secrecy and integrity

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A core calculus of dependency

Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JFlow: practical mostly-static information flow control

Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
From system F to typed assembly language

ACM Transactions on Programming Languages and Systems (TOPLAS)
Confluent Reductions: Abstract Properties and Applications to Term Rewriting Systems: Abstract Properties and Applications to Term Rewriting Systems

Journal of the ACM (JACM)
A sound type system for secure flow analysis

Journal of Computer Security
A uniform type structure for secure information flow

POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Information flow inference for ML

ACM Transactions on Programming Languages and Systems (TOPLAS)
Secure Information Flow via Linear Continuations

Higher-Order and Symbolic Computation
Robust Declassification

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Programming languages for information security

Programming languages for information security
A judgmental reconstruction of modal logic

Mathematical Structures in Computer Science
Language-based information-flow security

IEEE Journal on Selected Areas in Communications

Run-time principals in information-flow type systems

ACM Transactions on Programming Languages and Systems (TOPLAS)
Coherence of subsumption for monadic types

Journal of Functional Programming
Secure Information Flow as a Safety Property

Formal Aspects in Security and Trust
On declassification and the non-disclosure policy

Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Achieving information flow security through monadic control of effects

Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Information flow enforcement in monadic libraries

Proceedings of the 7th ACM SIGPLAN workshop on Types in language design and implementation
Flexible dynamic information flow control in Haskell

Proceedings of the 4th ACM symposium on Haskell
Lightweight monadic programming in ML

Proceedings of the 16th ACM SIGPLAN international conference on Functional programming
Implicit self-adjusting computation for purely functional programs

Proceedings of the 16th ACM SIGPLAN international conference on Functional programming
A design for a security-typed language with certificate-based declassification

ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
On typing information flow

ICTAC'05 Proceedings of the Second international conference on Theoretical Aspects of Computing
Type-directed automatic incrementalization

Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
Typing illegal information flows as program effects

Proceedings of the 7th Workshop on Programming Languages and Analysis for Security
Encoding secure information flow with restricted delegation and revocation in Haskell

Proceedings of the 1st annual workshop on Functional programming concepts in domain-specific languages

Quantified Score

Hi-index	0.00

Visualization

Abstract

We explore the logical underpinnings of higher-order, security-typed languages with mutable state. Our analysis is based on a logic of information flow derived from lax logic and the monadic metalanguage. Thus, our logic deals with mutation explicitly, with impurity reflected in the types, in contrast to most higher-order security-typed languages, which deal with mutation implicitly via side-effects. More importantly, we also take a store-oriented view of security, wherein security levels are associated with elements of the mutable store. This view matches closely with the operational semantics of low-level imperative languages where information flow is expressed by operations on the store. An interesting feature of our analysis lies in its treatment of upcalls (low-security computations that include high-security ones), employing an “informativeness” judgment indicating under what circumstances a type carries useful information.