Dynamic Security Labels and Noninterference (Extended Abstract)

Zheng, Lantian; Myers, Andrew C.

doi:10.1007/0-387-24098-5_3

Cited by 44 publications

(48 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the context of security, Zheng and Myers [46] formalize support for dynamic security labels that can be associated with data to express information flow policies. The technical machinery for associating labels to terms in their system is similar to ours.…”

Section: Related Workmentioning

confidence: 99%

“…To demonstrate FABLE's flexibility we have used it to encode a range of policies, including access control, static [32] and dynamic information flow [46] with forms of declassification [20], provenance tracking [7] and policies based on security automata [42]. In our experience, the soundness of FABLE makes proofs of security properties no more difficult-and arguably simpler-than proofs of similar properties in specialized languages [30,40,41].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Fable: A Language for Enforcing User-defined Security Policies

Swamy

Corcoran

Hicks

2008

2008 IEEE Symposium on Security and Privacy (Sp 2008)

View full text Add to dashboard Cite

This paper presents FABLE, a core formalism for a programming language in which programmers may specify security policies and reason that these policies are properly enforced. In FABLE, security policies can be expressed by associating security labels with the data or actions they protect. Programmers define the semantics of labels in a separate part of the program called the enforcement policy. FA-BLE prevents a policy from being circumvented by allowing labeled terms to be manipulated only within the enforcement policy; application code must treat labeled values abstractly. Together, these features facilitate straightforward proofs that programs implementing a particular policy achieve their high-level security goals. FABLE is flexible enough to implement a wide variety of security policies, including access control, information flow, provenance, and security automata. We have implemented FABLE as part of the LINKS web programming language; we call the resulting language SELINKS. We report on our experience using SELINKS to build two substantial applications, a wiki and an on-line store, equipped with a combination of access control and provenance policies. To our knowledge, no existing framework enables the enforcement of such a wide variety of security policies with an equally high level of assurance.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Fable: A Language for Enforcing User-defined Security Policies

Swamy

Corcoran

Hicks

2008

2008 IEEE Symposium on Security and Privacy (Sp 2008)

View full text Add to dashboard Cite

show abstract

“…If places are computed dynamically, then the choice of the place at which to execute a computation could be a covert channel, and would thus require the security analysis to track and control information flow through this channel. In this respect, first-class places are similar to firstclass security levels (e.g., [13,50]), and the security analysis could be extended to handle first-class places using similar techniques, such as dependent type systems.…”

Section: Sx10 Prototype Implementationmentioning

confidence: 99%

Towards a practical secure concurrent language

Muller

Chong

2012

Proceedings of the ACM International Conference on Object Oriented Programming Systems Languages and Applications

View full text Add to dashboard Cite

We demonstrate that a practical concurrent language can be extended in a natural way with information security mechanisms that provably enforce strong information security guarantees. We extend the X10 concurrent programming language with coarse-grained information-flow control. Central to X10 concurrency abstractions is the notion of a place: a container for data and computation. We associate a security level with each place, and restrict each place to store only data appropriate for that security level. When places interact only with other places at the same security level, then our security mechanisms impose no restrictions. When places of differing security levels interact, our information security analysis prevents potentially dangerous information flows, including information flow through covert scheduling channels. The X10 concurrency mechanisms simplify reasoning about information flow in concurrent programs.We present a static analysis that enforces a noninterference-based extensional information security condition in a calculus that captures the key aspects of X10's place abstraction and async-finish parallelism. We extend this security analysis to support many of X10's language features, and have implemented a prototype compiler for the resulting language.

show abstract

“…There are a few approaches [21,28,20] that employ a combination of static and dynamic methods to avoid the limitations of pure dynamic approaches. In both these works, the use of dynamic techniques is to expand the scope of the static analysis based policy enforcement mechanisms.…”

Section: Related Workmentioning

confidence: 99%

Preventing Information Leaks through Shadow Executions

Capizzi

Longo

Venkatakrishnan

et al. 2008

2008 Annual Computer Security Applications Conference (ACSAC)

View full text Add to dashboard Cite

A concern about personal information confidentiality typically arises when any desktop application communicates to the external network, for example, to its producer's server for obtaining software version updates. We address this confidentiality concern of end users by an approach called shadow execution. A key property of shadow execution is that it allows applications to successfully communicate over the network while disallowing any information leaks. We describe the design and implementation of this approach for Windows applications. Experiments with our prototype implementation indicate that shadow execution allows applications to execute without inhibiting any behaviors, has acceptable performance overheads while preventing any information leaks.

show abstract

Dynamic Security Labels and Noninterference (Extended Abstract)

Cited by 44 publications

References 24 publications

Fable: A Language for Enforcing User-defined Security Policies

Fable: A Language for Enforcing User-defined Security Policies

Towards a practical secure concurrent language

Preventing Information Leaks through Shadow Executions

Contact Info

Product

Resources

About