Locality-Based Security Policies

Information flow security provides a strong notion of end-to-end security in computing systems. However, the policies used for information flow security are sometimes limited in their expressive power, which complicates specifying policies even for simple systems. These limitations often become apparent in contexts where confidential information is released under specific conditions. We present a novel policy language for expressing permissible information flow under expressive constraints on the execution traces of programs. Based on the policy language, we propose a security condition that is shown to be a generalised intransitive non-interference condition. Furthermore, a flow-logic based static analysis is presented and shown capable of guaranteeing the security of the programs analysed.
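The security condition the abstract describes, a flow between security domains that is permitted only while the execution trace satisfies a constraint, can be illustrated with a small reference monitor. The following is an added example and not the paper's policy language, security condition or flow-logic analysis: the domain names `high`, `decl` and `low`, the `audit` event, the choice of regular expressions over the event trace as the constraint language, and the `Policy`/`Monitor` API are all constructed here, and the paper's static guarantee is replaced by a dynamic check purely to make the intransitive behaviour visible.

```python
import re
from dataclasses import dataclass, field


@dataclass(frozen=True)
class FlowRule:
    """Permit flows src -> dst while the event trace matches trace_pattern."""
    src: str
    dst: str
    trace_pattern: str  # regular expression over the space-joined event trace


@dataclass(frozen=True)
class Policy:
    rules: tuple

    def allows(self, src: str, dst: str, trace: tuple) -> bool:
        """Intransitive check: only a rule naming src and dst directly counts,
        so high -> decl together with decl -> low does not imply high -> low."""
        if src == dst:
            return True
        trace_text = " ".join(trace)
        return any(
            r.src == src and r.dst == dst
            and re.fullmatch(r.trace_pattern, trace_text) is not None
            for r in self.rules
        )


# Constructed policy (hypothetical domains): secrets may always move into the
# declassifier domain; the declassifier may release to the public domain only
# once an "audit" event has occurred; there is no direct high -> low rule.
POLICY = Policy((
    FlowRule("high", "decl", r".*"),
    FlowRule("decl", "low", r"(\S+ )*audit( \S+)*"),
))


@dataclass
class Monitor:
    """Tracks the domain each variable's value currently belongs to and the
    trace of events so far, and records every transfer the policy forbids."""
    policy: Policy
    labels: dict = field(default_factory=dict)
    trace: list = field(default_factory=list)
    violations: list = field(default_factory=list)

    def event(self, name: str) -> None:
        self.trace.append(name)

    def read(self, var: str, domain: str) -> None:
        self.labels[var] = domain

    def transfer(self, var: str, dst: str) -> bool:
        """Move var's value into domain dst if the policy permits it now."""
        src = self.labels[var]
        if self.policy.allows(src, dst, tuple(self.trace)):
            self.labels[var] = dst
            return True
        self.violations.append(f"{var}: {src} -> {dst} after trace {list(self.trace)}")
        return False


def release_after_audit() -> list:
    """Secure run: the secret passes through the declassifier and is released
    only after the audit event, so the trace constraint is satisfied."""
    m = Monitor(POLICY)
    m.read("secret", "high")
    m.transfer("secret", "decl")
    m.event("audit")
    m.transfer("secret", "low")
    return m.violations


def release_before_audit() -> list:
    """Insecure run: same path, but the release precedes the audit event."""
    m = Monitor(POLICY)
    m.read("secret", "high")
    m.transfer("secret", "decl")
    m.transfer("secret", "low")  # audit has not happened yet
    m.event("audit")
    return m.violations


def direct_release() -> list:
    """Insecure run: the audit event alone does not license high -> low,
    because the policy is intransitive and has no such rule."""
    m = Monitor(POLICY)
    m.read("secret", "high")
    m.event("audit")
    m.transfer("secret", "low")  # bypasses the declassifier
    return m.violations


if __name__ == "__main__":
    for scenario in (release_after_audit, release_before_audit, direct_release):
        print(scenario.__name__, scenario() or "no violations")
```

The point the three scenarios make is the one the abstract attributes to the security condition: the same pair of domains is permitted or forbidden depending on the events observed so far, and permissions do not compose transitively, so a release that is allowed through the declassifier after `audit` is still rejected when attempted directly from `high`.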
