Secure information flow for a concurrent language with scheduling
Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
Termination-Insensitive Noninterference Leaks More Than Just a Bit
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Security for multithreaded programs under cooperative scheduling
PSI'06 Proceedings of the 6th international Andrei Ershov memorial conference on Perspectives of systems informatics
Closing internal timing channels by transformation
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Security of multithreaded programs by compilation
ACM Transactions on Information and System Security (TISSEC)
Flexible scheduler-independent security
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Secure information flow by self-composition
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Model-checking secure information flow for multi-threaded programs
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Model checking information flow in reactive systems
VMCAI'12 Proceedings of the 13th international conference on Verification, Model Checking, and Abstract Interpretation
Language-based control and mitigation of timing channels
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
Scheduler-specific confidentiality for multi-threaded programs and its logic-based verification
FoVeOOS'11 Proceedings of the 2011 international conference on Formal Verification of Object-Oriented Software
Addressing covert termination and timing channels in concurrent information flow systems
Proceedings of the 17th ACM SIGPLAN international conference on Functional programming
Scheduler-Independent declassification
MPC'12 Proceedings of the 11th international conference on Mathematics of Program Construction
Towards a practical secure concurrent language
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
Security of multithreaded programs by compilation
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Confidentiality for probabilistic multi-threaded programs and its verification
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Effective verification of confidentiality for multi-threaded programs
Journal of Computer Security - Foundational Aspects of Security
| Hi-index | 0.00 |
This paper studies observational determinism, a generalisation of non-interference for multi-threaded programs. Standard notions of non-interference only consider input and output of programs, but to ensure the security of multithreaded programs, one has to consider execution traces. In earlier work, Zdancewic and Myers propose to consider a multi-threaded program secure when it behaves deterministic w.r.t. its public (or low) variables, i.e. traces of public variables should not depend on private (or high) variables. This property is called observational determinism. The original definition of observational determinism still allows to reveal private data; this paper corrects this. The main contribution of this paper is a rephrasing of the definition of observational determinism in terms of a temporal logic. This allows to use standard model checking techniques to verify observational determinism, which has the advantage that the verification is automatic and precise. Moreover in case the verification fails, model checking can produce a counterexample. We characterise observational determinism in CTL* and in the polyadic modal ì-calculus. For both logics, model checking algorithms exist.