Enforcing Reactive Noninterference with Reachability Analysis

The reactive computational model is widely used as an abstraction of web-based applications, which receive inputs and generate outputs throughout execution. Existing static enforcements of information flow security for reactive programs are based either on type systems or on abstract interpretation. In this work we first propose an approach that uses automated verification to check conformance of reactive programs with an information flow policy. The approach builds on our previous idea of combining self-composition with reachability analysis. To reduce the state space of the model, we propose Store-Match Self-Composition (SMSC), which avoids duplicating the low channels. Preliminary experiments show that our approach is more precise and efficient than existing work, and also more efficient than our previous reachability analysis.
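As an added illustration, not code from the paper, the following Python toy approximates the idea in the abstract: a reactive program is self-composed, the low channel is shared between the two copies rather than duplicated, the first copy's low outputs for each event are stored and the second copy's are matched against them, and a reachability search over the product state space looks for a mismatch. The event-handler model, the two sample programs and this store-match encoding are simplified assumptions of mine, not the paper's formalism.

```python
from collections import deque
from itertools import product

# Constructed toy: a reactive program is a dict of handlers, one per input
# channel. A handler maps (state, value) to (new_state, low_outputs).
HIGH_VALUES = (0, 1)   # domain of the secret channel
LOW_VALUES = (0, 1)    # domain of the public channel

LEAKY = {  # the public reply depends on the last secret input
    "high": lambda s, v: ({**s, "secret": v}, []),
    "low":  lambda s, v: (s, [s.get("secret", 0) ^ v]),
}
SAFE = {   # the secret is stored but never flows to a low output
    "high": lambda s, v: ({**s, "secret": v}, []),
    "low":  lambda s, v: ({**s, "n": s.get("n", 0) + 1}, [s.get("n", 0) + v]),
}

def freeze(state):
    return tuple(sorted(state.items()))

def step(handlers, frozen, channel, value):
    new_state, outs = handlers[channel](dict(frozen), value)
    return freeze(new_state), tuple(outs)

def find_leak(handlers, depth):
    """Breadth-first reachability over the self-composed program, bounded
    by `depth` events. Secret events deliver independent values to the two
    copies; public events deliver one shared value (the low channel is not
    duplicated). Copy 1's low outputs are stored, copy 2's are matched;
    returns the event trace reaching a mismatch, or None."""
    start = (freeze({}), freeze({}))
    seen = {start}
    queue = deque([(start, ())])
    while queue:
        (s1, s2), trace = queue.popleft()
        if len(trace) == depth:
            continue
        moves = [("high", a, b) for a, b in product(HIGH_VALUES, repeat=2)]
        moves += [("low", v, v) for v in LOW_VALUES]
        for channel, v1, v2 in moves:
            n1, stored = step(handlers, s1, channel, v1)
            n2, outs = step(handlers, s2, channel, v2)
            new_trace = trace + ((channel, v1, v2),)
            if stored != outs:          # store-match failed: observable leak
                return new_trace
            if (n1, n2) not in seen:
                seen.add((n1, n2))
                queue.append(((n1, n2), new_trace))
    return None
```

Running `find_leak(LEAKY, 3)` yields the witness `(("high", 0, 1), ("low", 0, 0))`, while `find_leak(SAFE, 3)` returns `None`.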
