Run-time principals in information-flow type systems

Author(s):  
S. Tse ◽  
S. Zdancewic
2013 ◽  
Vol 23 (5) ◽  
pp. 1032-1081 ◽  
Author(s):  
GILLES BARTHE ◽  
DAVID PICHARDIE ◽  
TAMARA REZK

Non-interference guarantees the absence of illicit information flow throughout program execution. It can be enforced by appropriate information flow type systems. Much of the previous work on type systems for non-interference has focused on calculi or high-level programming languages, and existing type systems for low-level languages typically omit objects, exceptions and method calls. We define an information flow type system for a sequential JVM-like language that includes all these programming features, and we prove, in the Coq proof assistant, that it guarantees non-interference. An additional benefit of the formalisation is that we have extracted from our proof a certified lightweight bytecode verifier for information flow. Our work provides, to the best of our knowledge, the first sound and certified information flow type system for such an expressive fragment of the JVM.


2014 ◽  
Vol 24 (12) ◽  
pp. 2767-2781
Author(s):  
Hao SUN ◽  
Hui-Peng LI ◽  
Qing-Kai ZENG

2014 ◽  
Vol 24 (6) ◽  
pp. 675-716 ◽  
Author(s):  
ANDREW W. KEEP ◽  
R. KENT DYBVIG

The Revised⁶ Report on the Algorithmic Language Scheme added a mechanism to the Scheme programming language for creating new record types procedurally. While many programming languages support user-defined, structured data types, these are usually handled syntactically, so that the compiler can make choices at compile time about the memory layout of these data types. The procedural record types in Scheme, however, can be constructed at run time, making the efficient run-time representation of record types important to ensure good run-time performance. The run-time representation used in our implementation provides an extended model for record types allowing record types to represent foreign scalar data types, e.g., machine word integers, and allows the base record type to be extended to create non-R6RS record-type systems. This article describes our run-time representation for record types, how the garbage collector handles foreign scalar data types, and includes extended record type systems both for an object-oriented programming model and a representation of foreign structured data types.


2017 ◽  
Vol 4 (1) ◽  
pp. 6-21 ◽  
Author(s):  
Vineet Rajani ◽  
Iulia Bastys ◽  
Willard Rafnsson ◽  
Deepak Garg

2011 ◽  
Vol 21 (6) ◽  
pp. 1207-1252 ◽  
Author(s):  
GILLES BARTHE ◽  
PEDRO R. D'ARGENIO ◽  
TAMARA REZK

Information flow policies are confidentiality policies that control information leakage through program execution. A common way to enforce secure information flow is through information flow type systems. Although type systems are compositional and usually enjoy decidable type checking or inference, their extensibility is very poor: type systems need to be redefined and proved sound for each new variation of security policy and programming language for which secure information flow verification is desired. In contrast, program logics offer a general mechanism for enforcing a variety of safety policies, and for this reason are favoured in Proof Carrying Code, which is a promising security architecture for mobile code. However, the encoding of information flow policies in program logics is not straightforward because they refer to a relation between two program executions. The purpose of this paper is to investigate logical formulations of secure information flow based on the idea of self-composition, which reduces the problem of secure information flow of a program P to a safety property for a program derived from P by composing P with a renaming of itself. Self-composition enables the use of standard techniques for information flow policy verification, such as program logics and model checking, that are suitable in Proof Carrying Code infrastructures. We illustrate the applicability of self-composition in several settings, including different security policies such as non-interference and controlled forms of declassification, and programming languages including an imperative language with parallel composition, a non-deterministic language and, finally, a language with shared mutable data structures.
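The two enforcement routes described on this page, the information flow type system of the Barthe, Pichardie and Rezk abstract above (a sequential JVM-like language, certified in Coq) and the self-composition reduction of the abstract just above, side by side on one toy language, as an added example. This is not code from either paper: the tuple syntax, the variable names, the sample programs and the helper names (eval_expr, run, typecheck, self_compose, noninterferent) are all constructed for the illustration, the language has only assignment, sequencing and conditionals (no objects, exceptions, method calls or loops), and the "safety check" on the self-composed program is an exhaustive search over a small finite domain rather than a program logic. The last sample program, l := h - h, shows the precision gap the self-composition abstract alludes to: the type system rejects it because the right-hand side has a secret level, while the semantic check on P ; P' accepts it.

```python
from itertools import product

# Constructed example: a tiny imperative language (assignment, sequencing,
# conditionals) with two security levels. The tuple syntax is invented for this
# example; it is not the formal language of either paper.
#   statements:  ("assign", x, e) | ("seq", [s1, s2, ...]) | ("if", e, s1, s2)
#   expressions: ("const", n) | ("var", x) | ("op", "+"|"-"|">", e1, e2)
L, H = 0, 1  # lattice: L (public) below H (secret)
OPS = {"+": lambda a, b: a + b, "-": lambda a, b: a - b, ">": lambda a, b: int(a > b)}

def eval_expr(e, s):
    if e[0] == "const":
        return e[1]
    if e[0] == "var":
        return s[e[1]]
    return OPS[e[1]](eval_expr(e[2], s), eval_expr(e[3], s))

def run(p, s):
    """Execute statement p on the mutable state dict s; return s."""
    if p[0] == "assign":
        s[p[1]] = eval_expr(p[2], s)
    elif p[0] == "seq":
        for q in p[1]:
            run(q, s)
    else:  # "if"
        run(p[2] if eval_expr(p[1], s) else p[3], s)
    return s

def level(e, gamma):
    """Level of an expression: the join of the levels of its variables."""
    if e[0] == "const":
        return L
    if e[0] == "var":
        return gamma[e[1]]
    return max(level(e[2], gamma), level(e[3], gamma))

def typecheck(p, gamma, pc=L):
    """Volpano/Smith-style rules: x := e needs level(e) join pc <= gamma[x]; pc is
    raised inside a conditional with a secret guard, ruling out implicit flows.
    Sound but incomplete: some semantically secure programs are rejected."""
    if p[0] == "assign":
        return max(pc, level(p[2], gamma)) <= gamma[p[1]]
    if p[0] == "seq":
        return all(typecheck(q, gamma, pc) for q in p[1])
    guard = max(pc, level(p[1], gamma))
    return typecheck(p[2], gamma, guard) and typecheck(p[3], gamma, guard)

def rename(node, suffix):
    """Copy of node with every variable x (reads and assignment targets) renamed x+suffix."""
    if node[0] in ("var", "assign"):
        node = (node[0], node[1] + suffix) + node[2:]
    return tuple(rename(c, suffix) if isinstance(c, tuple)
                 else [rename(q, suffix) for q in c] if isinstance(c, list) else c
                 for c in node)

def self_compose(p):
    """P ; P' with P' = P over primed variables: the two executions in the
    non-interference definition become one execution of one program."""
    return ("seq", [p, rename(p, "'")])

def noninterferent(p, gamma, domain=range(3)):
    """2-safety on the self-composed program: from every start state whose low
    variables agree across the copies (high ones independent), low variables
    still agree at the end. The safety check here is exhaustive search over a
    small finite domain (a bounded model check); a program logic could instead
    discharge the same property symbolically."""
    low = sorted(x for x in gamma if gamma[x] == L)
    high = sorted(x for x in gamma if gamma[x] == H)
    pp = self_compose(p)
    for lv, hv1, hv2 in product(product(domain, repeat=len(low)),
                                product(domain, repeat=len(high)),
                                product(domain, repeat=len(high))):
        s = {}
        for x, v in zip(low, lv):
            s[x] = s[x + "'"] = v
        for x, v1, v2 in zip(high, hv1, hv2):
            s[x], s[x + "'"] = v1, v2
        run(pp, s)
        if any(s[x] != s[x + "'"] for x in low):
            return False
    return True

GAMMA = {"h": H, "l": L}  # constructed policy: h is secret, l is public
EXPLICIT_LEAK = ("assign", "l", ("var", "h"))
IMPLICIT_LEAK = ("if", ("op", ">", ("var", "h"), ("const", 0)),
                 ("assign", "l", ("const", 1)), ("assign", "l", ("const", 0)))
SECURE = ("seq", [("assign", "h", ("op", "+", ("var", "h"), ("var", "l"))),
                  ("assign", "l", ("op", "+", ("var", "l"), ("const", 1)))])
# l := h - h always writes 0, so it is non-interferent, yet its right-hand side has level H.
REJECTED_BUT_SECURE = ("assign", "l", ("op", "-", ("var", "h"), ("var", "h")))

def report():
    """Name -> (accepted by the type system, passes the self-composition check)."""
    progs = {"explicit": EXPLICIT_LEAK, "implicit": IMPLICIT_LEAK,
             "secure": SECURE, "h_minus_h": REJECTED_BUT_SECURE}
    return {k: (typecheck(p, GAMMA), noninterferent(p, GAMMA)) for k, p in progs.items()}

if __name__ == "__main__":
    for name, (typable, ni) in report().items():
        print(f"{name:10} typable={typable!s:6} self_composition={ni}")
```

Running the module prints one line per sample program. The two leaky programs fail both checks; the secure program passes both; l := h - h is rejected by the type system and accepted by the self-composition check. The exhaustive search is only sound for the chosen finite domain, which is the usual price of model checking; the type check, by contrast, is a syntactic, compositional pass that needs no enumeration, which is why the abstracts describe the two approaches as trading extensibility against decidability and precision.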


Author(s):  
Limin Jia ◽  
Jassim Aljuraidan ◽  
Elli Fragkaki ◽  
Lujo Bauer ◽  
Michael Stroucken ◽  
...  
