A Sound Type System for Secure Flow Analysis

Ensuring secure information flow within programs in the context of multiple sensitivity levels has been widely studied. Especially noteworthy is Denning’s work in secure flow analysis and the lattice model [6][7]. Until now, however, the soundness of Denning’s analysis has not been established satisfactorily. We formulate Denning’s approach as a type system and present a notion of soundness for the system that can be viewed as a form of noninterference. Soundness is established by proving, with respect to a standard programming language semantics, that all well-typed programs have this noninterference property.
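As an added example (not code from the paper, which presents its type system on paper only), the following Python models the kind of checker the abstract describes: security levels are the types, an expression is typed at the join of the levels of the variables it reads, an assignment is accepted only if the expression's level flows into the variable's level, and a conditional or loop is accepted only if its guard's level flows into the level of every variable assigned in its body (the "τ cmd" idea that blocks implicit flows). A small interpreter and a two-run check then illustrate what soundness-as-noninterference means: a well-typed program run on two stores that agree on low variables produces stores that still agree on low variables. The two-point lattice L ⊑ H, the tuple-encoded while-language, and the variable names `l` and `h` are assumptions of this example, not notation from the paper.

```python
# Security lattice: a two-point lattice L ⊑ H (assumed for the demo; any
# finite lattice with join/meet would do).
RANK = {"L": 0, "H": 1}

def leq(a, b):   # a ⊑ b
    return RANK[a] <= RANK[b]

def join(a, b):  # least upper bound
    return a if RANK[a] >= RANK[b] else b

def meet(a, b):  # greatest lower bound
    return a if RANK[a] <= RANK[b] else b

class InsecureFlow(Exception):
    """Raised when the type system rejects a program."""

# Expressions: ("num", n) | ("var", x) | ("add", e1, e2) | ("lt", e1, e2)
def expr_level(e, env):
    """Level of an expression: join of the levels of the variables it reads."""
    tag = e[0]
    if tag == "num":
        return "L"                     # literals carry no secret
    if tag == "var":
        return env[e[1]]               # env maps variable name -> level
    if tag in ("add", "lt"):
        return join(expr_level(e[1], env), expr_level(e[2], env))
    raise ValueError(f"unknown expression {tag}")

# Commands: ("skip",) | ("assign", x, e) | ("seq", c1, c2)
#         | ("if", e, c1, c2) | ("while", e, c)
def cmd_level(c, env):
    """Return τ such that c has type 'τ cmd': every variable c assigns has
    level at least τ. Raise InsecureFlow if no such typing exists."""
    tag = c[0]
    if tag == "skip":
        return "H"                     # assigns nothing, so fits any τ cmd
    if tag == "assign":
        x, e = c[1], c[2]
        if not leq(expr_level(e, env), env[x]):
            raise InsecureFlow(f"explicit flow into {x}")
        return env[x]
    if tag == "seq":
        return meet(cmd_level(c[1], env), cmd_level(c[2], env))
    if tag in ("if", "while"):
        guard = expr_level(c[1], env)
        body = cmd_level(c[2], env)
        if tag == "if":
            body = meet(body, cmd_level(c[3], env))
        if not leq(guard, body):       # a secret guard may not control a low write
            raise InsecureFlow(f"implicit flow: {guard} guard over {body} assignment")
        return body
    raise ValueError(f"unknown command {tag}")

def well_typed(c, env):
    try:
        cmd_level(c, env)
        return True
    except InsecureFlow:
        return False

def eval_expr(e, store):
    tag = e[0]
    if tag == "num":
        return e[1]
    if tag == "var":
        return store[e[1]]
    a, b = eval_expr(e[1], store), eval_expr(e[2], store)
    return a + b if tag == "add" else int(a < b)

def run(c, store, fuel=10_000):
    """Execute c on a copy of store; fuel bounds loop iterations so a
    divergent program cannot hang the harness."""
    store = dict(store)
    def go(c):
        nonlocal fuel
        tag = c[0]
        if tag == "assign":
            store[c[1]] = eval_expr(c[2], store)
        elif tag == "seq":
            go(c[1]); go(c[2])
        elif tag == "if":
            go(c[2] if eval_expr(c[1], store) else c[3])
        elif tag == "while":
            while eval_expr(c[1], store):
                fuel -= 1
                if fuel < 0:
                    raise RuntimeError("out of fuel")
                go(c[2])
    go(c)
    return store

def noninterferent(c, env, store1, store2):
    """Termination-insensitive check on one pair of runs: inputs that agree on
    every L variable must produce outputs that agree on every L variable."""
    low = [x for x, lv in env.items() if lv == "L"]
    assert all(store1[x] == store2[x] for x in low), "inputs must be low-equivalent"
    out1, out2 = run(c, store1), run(c, store2)
    return all(out1[x] == out2[x] for x in low)

# Constructed sample programs over one low variable l and one high variable h.
ENV = {"l": "L", "h": "H"}
EXPLICIT = ("assign", "l", ("var", "h"))                       # l := h
IMPLICIT = ("if", ("lt", ("var", "h"), ("num", 1)),            # if h < 1 then l := 1 else l := 0
            ("assign", "l", ("num", 1)), ("assign", "l", ("num", 0)))
SECURE = ("seq", ("assign", "h", ("add", ("var", "l"), ("num", 1))),   # h := l + 1;
          ("if", ("lt", ("var", "l"), ("num", 5)),                    # if l < 5 then h := h + h
           ("assign", "h", ("add", ("var", "h"), ("var", "h"))), ("skip",)))
LOOP = ("while", ("lt", ("var", "l"), ("num", 3)),                    # while l < 3 do l := l + 1; h := l
        ("seq", ("assign", "l", ("add", ("var", "l"), ("num", 1))), ("assign", "h", ("var", "l"))))

if __name__ == "__main__":
    for name, prog in [("EXPLICIT", EXPLICIT), ("IMPLICIT", IMPLICIT), ("SECURE", SECURE), ("LOOP", LOOP)]:
        print(name, "well-typed" if well_typed(prog, ENV) else "rejected")
    print("IMPLICIT leaks:", not noninterferent(IMPLICIT, ENV, {"l": 0, "h": 0}, {"l": 0, "h": 7}))
```

Running the module rejects both the explicit flow `l := h` and the implicit flow through a high guard, while accepting the two programs that only write secrets into `h` or branch on public data; the two-run check then shows that the rejected implicit-flow program really does leak (its low output depends on `h`), whereas the well-typed ones do not. The check is termination-insensitive, which matches the form of noninterference a standard semantics with possibly diverging loops gives you; it is a witness for one pair of inputs, not the proof, which is what the paper's soundness theorem supplies for every well-typed program.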

[1] Jens Palsberg et al. Trust in the λ-calculus. Journal of Functional Programming, 1995.

[2] K. J. Biba et al. Integrity Considerations for Secure Computer Systems. 1977.

[3] John McLean et al. Security models and information flow. Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy, 1990.

[4] Peter J. Denning et al. Certification of programs for secure information flow. CACM, 1977.

[5] John C. Reynolds et al. Preliminary design of the programming language Forsythe. 1988.

[6] David A. Bell et al. Secure computer systems: mathematical foundations and model. 1973.

[7] Masaaki Mizuno et al. A Least Fixed Point Approach to Inter-Procedural Information Flow Control. 1989.

[8] Peter Ørbæk. Can you Trust your Data? 1995.

[9] K. J. Biba. Integrity considerations for secure computer systems. 1977.

[10] Dorothy E. Denning et al. A lattice model of secure information flow. CACM, 1976.

[11] Robert Harper et al. A Simplified Account of Polymorphic References. Inf. Process. Lett., 1994.

[12] Dorothy E. Denning et al. Secure information flow in computer systems. 1975.

[13] Peter J. Denning et al. Certification of programs for secure information flow. 1977.

[14] Daniel Le Métayer et al. Compile-Time Detection of Information Flow in Sequential Programs. ESORICS, 1994.

[15] Daryl McCullough et al. Noninterference and the composability of security properties. Proceedings of the 1988 IEEE Symposium on Security and Privacy, 1988.

[16] Peter Ørbæk. Can you Trust your Data? TAPSOFT, 1995.

[17] Daryl McCullough et al. Specifications for Multi-Level Security and a Hook-Up. 1987 IEEE Symposium on Security and Privacy, 1987.

[18] J. Meseguer et al. Security Policies and Security Models. 1982 IEEE Symposium on Security and Privacy, 1982.

[19] Jens Palsberg et al. Trust in the lambda-Calculus. J. Funct. Program., 1997.

[20] Gregory R. Andrews et al. An Axiomatic Approach to Information Flow in Programs. 1980.

[21] P ? ? ? ? ? ? ? % ? ? ? ? , 1991 .

[22] Dorothy E. Denning et al. Cryptography and Data Security. 1982.