A generic approach to the security of multi-threaded programs

Abstract: The security of computation at the level of a specific programming language and the security of complex systems at a more abstract level are two major areas of current security research. With the objective of integrating the two, this article proposes a translation of a timing-sensitive security property for simple multi-threaded programs into a more general security framework. Interestingly, our notion of security for programs is bisimulation-based, while the security framework is trace-based. Nevertheless, we show that the translation is sound and complete in the sense that the trace-based specification resulting from the translation of a multi-threaded program is secure if and only if the original program is secure. The translation is presented as a two-step process in which the first step is independent of the concrete programming language.