Secure Guarded Commands

We develop a lightweight approach to information flow control that interacts with the use of cryptographic schemes. The language is a version of Dijkstra’s Guarded Commands language extended with parallelism, communication and symmetric cryptography. Information flow is modelled using security labels that are sets of hashed symmetric keys expressing the capabilities needed for access to data. In essence, encryption is used to encapsulate the protection offered by the information flow policy. We develop a type system aimed at tracking explicit, implicit, bypassing and correlation flows arising due to the parallel processes and the internal non-determinism inherent in Guarded Commands. The development is facilitated by the parallel processes having disjoint memories and is illustrated on a multiplexer scenario previously addressed using content-dependent information flow policies.
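As an added illustration (not code from the paper): a small Python model of security labels as sets of hashed symmetric keys, as the abstract describes. The subset ordering on labels, union as the join of labels, and the treatment of encryption under a key as discharging that key's capability are assumptions made here for the example, not details the abstract states.

```python
import hashlib
from typing import FrozenSet, Iterable

Label = FrozenSet[str]  # a label is a set of hashed symmetric keys (capabilities)


def hkey(key: bytes) -> str:
    """Hash of a symmetric key; labels name keys only by their hash (SHA-256 assumed)."""
    return hashlib.sha256(key).hexdigest()


def label_of(*keys: bytes) -> Label:
    """Label demanding that a reader hold every listed key."""
    return frozenset(hkey(k) for k in keys)


def capabilities(held_keys: Iterable[bytes]) -> Label:
    """Capabilities of a process are the hashes of the keys it actually holds."""
    return frozenset(hkey(k) for k in held_keys)


def join(a: Label, b: Label) -> Label:
    """Label of data computed from both a and b: all capabilities of either (assumed: union)."""
    return a | b


def may_flow(src: Label, dst: Label) -> bool:
    """Explicit flow src -> dst is allowed iff dst is at least as restrictive (assumed: src subset of dst)."""
    return src <= dst


def may_read(label: Label, held_keys: Iterable[bytes]) -> bool:
    """A process may access data iff it holds every key the label demands."""
    return label <= capabilities(held_keys)


def encrypt_label(plain: Label, key: bytes) -> Label:
    """Encrypting under key removes that key's capability from the label: the
    ciphertext is protected by the key itself (assumed reading of 'encryption
    encapsulates the protection offered by the policy')."""
    return plain - {hkey(key)}


def decrypt_label(cipher: Label, key: bytes) -> Label:
    """Decrypting under key re-introduces that key's capability on the plaintext."""
    return cipher | {hkey(key)}
```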
