Proof-Carrying Code Based Tool for Secure Information Flow of Assembly Programs

Problem statement: How can a host (the code consumer) determine with certainty that a program downloaded from an untrusted source (the code producer) will preserve the confidentiality of the data it manipulates, so that the program is safe to install and execute?

Approach: The approach adopted for verifying that a downloaded program does not leak confidential data to unauthorized parties was based on the concept of Proof-Carrying Code (PCC). A mobile program, in its assembly form, was analyzed for information-flow security using PCC. The security policy was a type system for analyzing information flows within assembly programs, based on the notion of noninterference.

Results: A tool for verifying assembly programs for information-flow security was built. The tool certifies SPARC assembly programs for secure information flow by statically analyzing the program following the idea of PCC. It operates directly on the machine code and requires only the inputs and outputs of the code to be annotated with security levels. A Windows user interface lets users control the verification process. The proofs that an untrusted program does not leak sensitive information are generated and checked on the host machine; if they are valid, the untrusted program can be installed and executed safely.

Conclusion: Basing a proof-carrying code infrastructure on an information-flow type system yields sufficient assurance that the confidential data manipulated by a mobile program is protected. This assurance follows from the fact that such type systems provide a sufficient guarantee of confidentiality, namely noninterference: public outputs do not depend on secret inputs.
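As an added example, not the tool described in this abstract, the following Python sketch shows the producer/consumer split the abstract describes on a small SPARC-like assembly subset. Everything about the instruction set is assumed rather than taken from the paper: seven instruction forms (mov, add, ld, st, cmp, be, ret) with branch targets given as instruction indices, no delay slots, a two-point lattice L < H, every path reaching ret, registers starting at L, and security levels declared only on input/output channels. The producer infers a labelling of registers, condition code and program counter by a fixpoint over the control-flow graph, raising the pc label inside the control-dependence region of every branch whose condition code is secret; that labelling is the "proof" shipped with the code. The consumer re-checks it with local rules only: each instruction's out-labels must be subsumed by its successors' in-labels, the pc label must cover every controlling branch, and a store must not exceed the channel's level.

```python
# Added example: toy PCC certifier for information flow in a SPARC-like
# assembly subset. Assumed (not from the paper): the instruction forms below,
# a two-point lattice, no delay slots, every path reaching "ret".
L, H = 0, 1                                   # join is max, L <= H

def successors(prog, i):
    """Control-flow successors of instruction i (targets are indices)."""
    op = prog[i][0]
    if op == "ret":
        return []
    if op == "be":
        return [prog[i][1], i + 1]            # taken, fall-through
    return [i + 1]

def control_regions(prog):
    """For each conditional branch b: the instructions whose execution depends
    on b, i.e. those reachable from b that do not postdominate b."""
    n = len(prog)
    pdom = {i: {i} if prog[i][0] == "ret" else set(range(n)) for i in range(n)}
    changed = True
    while changed:                            # postdominator fixpoint
        changed = False
        for i in range(n):
            if prog[i][0] != "ret":
                new = {i} | set.intersection(*(pdom[s] for s in successors(prog, i)))
                changed |= new != pdom[i]
                pdom[i] = new
    regions = {}
    for b in range(n):
        if prog[b][0] == "be":
            stop, seen, stack = pdom[b] - {b}, set(), successors(prog, b)
            while stack:
                i = stack.pop()
                if i not in seen and i not in stop:
                    seen.add(i)
                    stack.extend(successors(prog, i))
            regions[b] = seen
    return regions

def step(ins, regs, cc, pc, chans):
    """Label transfer for one instruction under program-counter label pc.
    Only 'st' can fail: it must not write data above the channel's level."""
    regs, op = list(regs), ins[0]
    if op == "mov":
        regs[ins[1]] = max(regs[ins[2]], pc)
    elif op == "add":
        regs[ins[1]] = max(regs[ins[2]], regs[ins[3]], pc)
    elif op == "ld":                          # rd := input channel
        regs[ins[1]] = max(chans[ins[2]], pc)
    elif op == "st":                          # output channel := rs
        if max(regs[ins[1]], pc) > chans[ins[2]]:
            raise ValueError(f"insecure store {ins} under pc label {pc}")
    elif op == "cmp":                         # condition code inherits both operands
        cc = max(regs[ins[1]], regs[ins[2]], pc)
    return regs, cc                           # be/ret: no label effect

def infer(prog, chans, nregs=4):
    """Producer side: least fixpoint labelling at every program point. The result
    is the certificate shipped with the code; a leak raises ValueError instead."""
    n, regions = len(prog), control_regions(prog)
    cert = {"regs": [[L] * nregs for _ in range(n)], "cc": [L] * n, "pc": [L] * n}
    changed = True
    while changed:
        changed = False
        for i in range(n):
            for b, region in regions.items():     # implicit flows: raise pc
                if i in region:
                    cert["pc"][i] = max(cert["pc"][i], cert["cc"][b])
            regs, cc = step(prog[i], cert["regs"][i], cert["cc"][i], cert["pc"][i], chans)
            for s in successors(prog, i):
                joined = [max(a, b) for a, b in zip(cert["regs"][s], regs)]
                if joined != cert["regs"][s] or cc > cert["cc"][s]:
                    cert["regs"][s], cert["cc"][s] = joined, max(cert["cc"][s], cc)
                    changed = True
    return cert

def check(prog, chans, cert):
    """Consumer side: verify a certificate by local rules only (no fixpoint).
    A lowered label anywhere breaks a pc-cover or edge-subsumption rule."""
    regions = control_regions(prog)
    try:
        for i in range(len(prog)):
            if any(i in r and cert["pc"][i] < cert["cc"][b] for b, r in regions.items()):
                return False                      # pc does not cover a controlling branch
            regs, cc = step(prog[i], cert["regs"][i], cert["cc"][i], cert["pc"][i], chans)
            for s in successors(prog, i):         # out-state must be subsumed by successor
                if cc > cert["cc"][s] or any(a > b for a, b in zip(regs, cert["regs"][s])):
                    return False
    except ValueError:
        return False
    return True

# Constructed sample: secret/public inputs, one public output channel.
CHANS = {"secret": H, "public": L, "out": L}
SECURE = [("ld", 0, "secret"), ("ld", 1, "public"), ("add", 2, 1, 1),
          ("st", 2, "out"), ("cmp", 0, 1), ("be", 7), ("mov", 3, 1),
          ("st", 1, "out"), ("ret",)]
EXPLICIT_LEAK = SECURE[:3] + [("st", 0, "out")] + SECURE[4:]   # secret -> out
IMPLICIT_LEAK = SECURE[:6] + [("st", 1, "out")] + SECURE[7:]   # store under secret branch
```

On SECURE, `infer` labels the mov inside the secret-controlled branch with pc H (so r3 becomes H) and drops the pc back to L at the join point, where the public store is accepted; `check` accepts the resulting certificate. EXPLICIT_LEAK fails on the direct store of r0, IMPLICIT_LEAK on the store executed under a secret branch. Lowering any entry of a valid certificate (a register label or the pc at instruction 6) makes `check` reject it, which is the PCC property the abstract relies on: the consumer trusts the checker, not the producer. Termination and timing channels are outside what this labelling tracks.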
