  Observational determinism for concurrent program security (2003) [17 citations — 5 self]

by Steve Zdancewic
In Proc. 16th IEEE Computer Security Foundations Workshop
http://www.cs.cornell.edu/andru/papers/csfw02.pdf

Abstract:

Noninterference is a property of sequential programs that is useful for expressing security policies for data confidentiality and integrity. However, extending noninterference to concurrent programs has proved problematic. In this paper we present a relatively expressive secure concurrent language. This language, based on existing concurrent calculi, provides first-class channels, higher-order functions, and an unbounded number of threads. Well-typed programs obey a generalization of noninterference that ensures immunity to internal timing attacks and to attacks that exploit information about the thread scheduler. Elimination of these refinement attacks is possible because the enforced security property extends noninterference with observational determinism. Although the security property is strong, it also avoids some of the restrictiveness imposed on previous security-typed concurrent languages.
