On flow-sensitive security types

Authors:
Sebastian Hunt;David Sands
Affiliations:
City University, London, UK;Chalmers University of Technology, Göteborg, Sweden
Venue:
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Year:
2006

Citing 20
Cited 37

An efficient method of computing static single assignment form

POPL '89 Proceedings of the 16th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Binding time analysis: a new PERspective

PEPM '91 Proceedings of the 1991 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
Flow-sensitive interprocedural constant propagation

PLDI '95 Proceedings of the ACM SIGPLAN 1995 conference on Programming language design and implementation
The SLam calculus: programming with secrecy and integrity

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Modern compiler implementation in Java

Modern compiler implementation in Java
Making abstract interpretations complete

Journal of the ACM (JACM)
A sound type system for secure flow analysis

Journal of Computer Security
An Axiomatic Approach to Information Flow in Programs

ACM Transactions on Programming Languages and Systems (TOPLAS)
Certification of programs for secure information flow

Communications of the ACM
SafeTSA: a type safe and referentially secure mobile-code representation based on static single assignment form

Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints

POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Principles of Program Analysis

Principles of Program Analysis
Systematic design of program analysis frameworks

POPL '79 Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
A Per Model of Secure Information Flow in Sequential Programs

Higher-Order and Symbolic Computation
The Essence of Principal Typings

ICALP '02 Proceedings of the 29th International Colloquium on Automata, Languages and Programming
Compile-Time Detection of Information Flow in Sequential Programs

ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
Timing Aware Information Flow Security for a JavaCard-like Bytecode

Electronic Notes in Theoretical Computer Science (ENTCS)
Information flow analysis for java bytecode

VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Information flow for Algol-like languages

Computer Languages, Systems and Structures
Language-based information-flow security

IEEE Journal on Selected Areas in Communications

A logic for information flow in object-oriented programs

Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A logic for information flow analysis with an application to forward slicing of simple imperative programs

Science of Computer Programming
Type systems equivalent to data-flow analyses for imperative languages

Theoretical Computer Science - Applied semantics
Instruction-level security analysis for information flow in stack-based assembly languages

Information and Computation
Optimality and condensing of information flow through linear refinement

Theoretical Computer Science
A static analysis for quantifying information flow in a simple imperative language

Journal of Computer Security
Static path conditions for Java

Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Integration of a security type system into a program logic

Theoretical Computer Science
Securing information flow via dynamic capture of dependencies

Journal of Computer Security - 20th IEEE Computer Security Foundations Symposium (CSF)
Embedding verifiable information flow analysis

Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
A Tool for Automated Certification of Java Source Code in Maude

Electronic Notes in Theoretical Computer Science (ENTCS)
A certified lightweight non-interference java bytecode verifier

ESOP'07 Proceedings of the 16th European conference on Programming
An information flow verifier for small embedded systems

WISTP'07 Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems
Integration of a security type system into a program logic

TGC'06 Proceedings of the 2nd international conference on Trustworthy global computing
Just forget it: the semantics and enforcement of information erasure

ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
Permissive dynamic information flow analysis

PLAS '10 Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
Abstract certification of global non-interference in rewriting logic

FMCO'09 Proceedings of the 8th international conference on Formal methods for components and objects
Information flow analysis via path condition refinement

FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
From exponential to polynomial-time security typing via principal types

ESOP'11/ETAPS'11 Proceedings of the 20th European conference on Programming languages and systems: part of the joint European conferences on theory and practice of software
An accurate type system for information flow in presence of arrays

FMOODS'11/FORTE'11 Proceedings of the joint 13th IFIP WG 6.1 and 30th IFIP WG 6.1 international conference on Formal techniques for distributed systems
Relational decomposition

ITP'11 Proceedings of the Second international conference on Interactive theorem proving
Flexible dynamic information flow control in Haskell

Proceedings of the 4th ACM symposium on Haskell
Implementing a Language with Flow-Sensitive and Structural Typing on the JVM

Electronic Notes in Theoretical Computer Science (ENTCS)
Information flow analysis for javascript

Proceedings of the 1st ACM SIGPLAN international workshop on Programming language and systems technologies for internet clients
Multiple facets for dynamic information flow

POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A sound analysis for secure information flow using abstract memory graphs

FSEN'09 Proceedings of the Third IPM international conference on Fundamentals of Software Engineering
Secure information flow by self-composition

Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Limiting information leakage in event-based communication

Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
From dynamic to static and back: riding the roller coaster of information-flow control research

PSI'09 Proceedings of the 7th international Andrei Ershov Memorial conference on Perspectives of Systems Informatics
Experiences with PDG-Based IFC

ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Verification of information flow properties of java programs without approximations

FoVeOOS'11 Proceedings of the 2011 international conference on Formal Verification of Object-Oriented Software
On-the-Fly inlining of dynamic dependency monitors for secure information flow

FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Precise enforcement of progress-sensitive security

Proceedings of the 2012 ACM conference on Computer and communications security
Enforcing information flow policies by a three-valued analysis

MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
Faceted execution of policy-agnostic programs

Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security
A calculus for constraint-based flow typing

Proceedings of the 15th Workshop on Formal Techniques for Java-like Programs
Required information release

Journal of Computer Security - CSF 2010

Quantified Score

Hi-index	0.00

Visualization

Abstract

This article investigates formal properties of a family of semantically sound flow-sensitive type systems for tracking information flow in simple While programs. The family is indexed by the choice of flow lattice.By choosing the flow lattice to be the powerset of program variables, we obtain a system which, in a very strong sense, subsumes all other systems in the family (in particular, for each program, it provides a principal typing from which all others may be inferred). This distinguished system is shown to be equivalent to, though more simply described than, Amtoft and Banerjee's Hoare-style independence logic (SAS'04).In general, some lattices are more expressive than others. Despite this, we show that no type system in the family can give better results for a given choice of lattice than the type system for that lattice itself.Finally, for any program typeable in one of these systems, we show how to construct an equivalent program which is typeable in a simple flow-insensitive system. We argue that this general approach could be useful in a proof-carrying-code setting.