Information flow security of multi-threaded distributed programs

Focardi, Riccardo; Centenaro, Matteo

doi:10.1145/1375696.1375711

Cited by 10 publications

(13 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This will allow us to analyse more accurate representations of functions in widely used security APIs such as PKCS #11 [20]. Adding conditionals will require a modified definition of the indistinguishability of stores, similar to the one given by Focardi and Centenaro [14]. It should be noted that such a change will not affect our results for the indistinguishability of expressions.…”

Section: Discussionmentioning

confidence: 99%

“…Focardi and Centenaro [14] give a type system for enforcing non-interference in multi-threaded distributed programs which share common memory locations. They use confounders (unique values associated with each new ciphertext) as an abstraction of probabilistic encryption, and give a definition of equivalence for low security values based on the notion of patterns [10].…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Towards a Type System for Security APIs

Keighren

Aspinall

Steel

2009

Foundations and Applications of Security Analysis

View full text Add to dashboard Cite

Abstract. Security API analysis typically only considers a subset of an API's functions, with results bounded by the number of function calls. Furthermore, attacks involving partial leakage of sensitive information are usually not covered. Type-based static analysis has the potential to alleviate these shortcomings. To that end, we present a type system for secure information flow based upon the one of Volpano, Smith and Irvine [1], extended with types for cryptographic keys and ciphertext similar to those in Sumii and Pierce [2]. In contrast to some other type systems, the encryption and decryption of keys does not require special treatment. We show that a well-typed sequence of commands is non-interferent, based upon a definition of indistinguishability where, in certain circumstances, the adversary can distinguish between ciphertexts that correspond to encrypted public data.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Towards a Type System for Security APIs

Keighren

Aspinall

Steel

2009

Foundations and Applications of Security Analysis

View full text Add to dashboard Cite

show abstract

“…Some of these approaches are, for example, applied to specific programs, e.g., written in VHDL [44], where the analysis of information flow is closely related to the context. Moreover, the secure information flow problem was also handled in different situation, for example with multi-threaded programs [42] or with programs that employ explicit cryptographic operations [3,21].…”

Section: Related Workmentioning

confidence: 99%

Combining Symbolic and Numerical Domains for Information Leakage Analysis

Cortesi

Ferrara²,

Halder

et al. 2018

Transactions on Computational Science XXXI

View full text Add to dashboard Cite

“…The proof is based on a new notion of fast simulation, which builds on the work of Baier, Katoen, Hermanns, and Wolf [BKHW05] on strong and weak simulation on discrete and continuous Markov chains. The theorem that stripping is a fast simulation shows that the theory of probabilistic simulation can be applied fruitfully to the secure information flow problem, giving another proof technique in addition to the more common bisimulation-based approach of work like [LV05], [SA06], and [FR08] on languages with cryptography, and [AFG98], [SV98], [Smi03], [ACF06], [FC08] on multi-threaded languages. The recent work [AS09] on secure information flow in a distributed language also makes use of the technique of stripping and fast simulation, although in a non-probabilistic context.…”

Section: Related Work and Conclusionmentioning

confidence: 99%

Non-termination and secure information flow

Smith¹,

Alpízar²

2011

Math. Struct. Comp. Sci.

View full text Add to dashboard Cite

In secure information flow analysis, the classic Denning restrictions allow a program's termination to be affected by the values of its H variables, resulting in potential information leaks. In an effort to quantify such leaks, in this work we study a simple imperative language with random assignments. As a thought experiment, we propose a "stripping" operation on programs, which eliminates all "high computation", and we prove a fundamental property: stripping cannot decrease the probability of any low outcome. To prove this property, we first introduce a new notion of fast probabilistic simulation on Markov chains and we show that it implies a key reachability property. Viewing the stripping function as a binary relation, we then prove that stripping is a fast simulation. As an application we prove that, under the Denning restrictions, well-typed probabilistic programs are guaranteed to satisfy an approximate probabilistic noninterference property, provided that their probability of nontermination is small.

show abstract

Information flow security of multi-threaded distributed programs

Cited by 10 publications

References 22 publications

Towards a Type System for Security APIs

Towards a Type System for Security APIs

Combining Symbolic and Numerical Domains for Information Leakage Analysis

Non-termination and secure information flow

Contact Info

Product

Resources

About