Theoretical Fundamentals of Gate Level Information Flow Tracking

Information flow tracking is an effective tool in computer security for detecting unintended information flows. However, software based information flow tracking implementations have drawbacks in preciseness and performance. As a result, researchers have begun to explore tracking information flow in hardware, and more specifically, understanding the interference of individual bits of information through logical functions. Such gate level information flow tracking (GLIFT) can track information flow in a system at the granularity of individual bits. However, the theoretical basis for GLIFT, which is essential to its adoption in real applications, has never been thoroughly studied. This paper provides fundamental analysis of GLIFT by introducing definitions, properties, and the imprecision problem with a commonly used shadow logic generation method. This paper also presents a solution to this imprecision problem and provides results that show this impreciseness can be tolerated for the benefit of lower area and delay.

[1]  Geoffrey Smith,et al.  A Sound Type System for Secure Flow Analysis , 1996, J. Comput. Secur..

[2]  Frederic T. Chong,et al.  Execution leases: A hardware-supported mechanism for enforcing strong non-interference , 2009, 2009 42nd Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).

[3]  Daniel J. Bernstein,et al.  Cache-timing attacks on AES , 2005 .

[4]  George Markowsky,et al.  On the number of prime implicants , 1978, Discret. Math..

[5]  Edward B. Eichelberger,et al.  Hazard Detection in Combinational and Sequential Switching Circuits , 1964, IBM J. Res. Dev..

[6]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[7]  Francis C. Wang Digital Circuit Testing: A Guide to DFT and Other Techniques , 1991 .

[8]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[9]  L.,et al.  SECURE COMPUTER SYSTEMS : MATHEMATICAL FOUNDATIONS , 2022 .

[10]  D. Pellkofer,et al.  A three-valued fast fault simulator for scan-based VLSI-logic , 1989, [1989] Proceedings of the 1st European Test Conference.

[11]  Hung Son Nguyen,et al.  Approximate Boolean Reasoning: Foundations and Applications in Data Mining , 2006, Trans. Rough Sets.

[12]  Babak Falsafi,et al.  Flexible Hardware Acceleration for Instruction-Grain Program Monitoring , 2008, 2008 International Symposium on Computer Architecture.

[13]  Andrew C. Myers,et al.  Language-based information-flow security , 2003, IEEE J. Sel. Areas Commun..

[14]  Wei Hu,et al.  Theoretical analysis of gate level information flow tracking , 2010, Design Automation Conference.

[15]  Janusz Rajski,et al.  A method of fault simulation based on stem regions , 1990, IEEE Trans. Comput. Aided Des. Integr. Circuits Syst..

[16]  François Pottier,et al.  Information flow inference for ML , 2003, TOPL.

[17]  Guru Venkataramani,et al.  FlexiTaint: A programmable accelerator for dynamic taint propagation , 2008, 2008 IEEE 14th International Symposium on High Performance Computer Architecture.

[18]  C. Sturton,et al.  SHIFT + M : Software-Hardware Information Flow Tracking on Multi-core , 2008 .

[19]  Ieee Circuits,et al.  IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems information for authors , 2018, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[20]  Steve Zdancewic,et al.  Challenges for Information-flow Security , 2004 .

[21]  David Zhang,et al.  Secure program execution via dynamic information flow tracking , 2004, ASPLOS XI.

[22]  Christoforos E. Kozyrakis,et al.  Raksha: a flexible information flow architecture for software security , 2007, ISCA '07.

[23]  Xiangyu Zhang,et al.  Scalable dynamic information flow tracking and its applications , 2008, 2008 IEEE International Symposium on Parallel and Distributed Processing.

[24]  Edward J. McCluskey,et al.  Introduction to the theory of switching circuits , 1965 .

[25]  Eddie Kohler,et al.  Information flow control for standard OS abstractions , 2007, SOSP.

[26]  Steve Vandebogart,et al.  Labels and event processes in the Asbestos operating system , 2005, TOCS.

[27]  Frederic T. Chong,et al.  Complete information flow tracking from the gates up , 2009, ASPLOS.