Non-Interference for Deterministic Interactive Programs

We consider the problem of defining an appropriate notion of non-interference (NI) for deterministic interactive programs. Previous work on the security of interactive programs by O'Neill, Clarkson and Chong (CSFW 2006) builds on earlier ideas due to Wittbold and Johnson (Symposium on Security and Privacy 1990), and argues for a notion of NI defined in terms of strategies modelling the behaviour of users. We show that, for deterministic interactive programs, it is not necessary to consider strategies and that a simple stream model of the users' behaviour is sufficient. The key technical result is that, for deterministic programs, stream-based NI implies the apparently more general strategy-based NI (in fact we consider a wider class of strategies than those of O'Neill et al). We give our results in terms of a simple notion of Input-Output Labelled Transition System, thus allowing application of the results to a large class of deterministic interactive programming languages.

[1]  R.,et al.  A CLASSIFICATION OF SECURITY PROPERTIES FOR PROCESS ALGEBRAS 1 , 1994 .

[2]  S. Abramsky Game Semantics , 1999 .

[3]  David Sands,et al.  Termination-Insensitive Noninterference Leaks More Than Just a Bit , 2008, ESORICS.

[4]  R. Milner,et al.  Bigraphical Reactive Systems , 2001, CONCUR.

[5]  Brian Campbell,et al.  Amortised Memory Analysis Using the Depth of Data Structures , 2009, ESOP.

[6]  Martín Abadi,et al.  Code-Carrying Authorization , 2008, ESORICS.

[7]  David Sands,et al.  Just Forget It - The Semantics and Enforcement of Information Erasure , 2008, ESOP.

[8]  Mario Bravetti,et al.  A Process Algebraic Approach for the Analysis of Probabilistic Non-interference , 2011 .

[9]  Radha Jagadeesan,et al.  Full Abstraction for PCF , 1994, Inf. Comput..

[10]  Russell Harmer,et al.  A fully abstract game semantics for finite nondeterminism , 1999, Proceedings. 14th Symposium on Logic in Computer Science (Cat. No. PR00158).

[11]  J. Todd Wittbold,et al.  Information flow in nondeterministic systems , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[12]  Alessandro Aldini,et al.  Probabilistic Information Flow in a Process Algebra , 2001, CONCUR.

[13]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[14]  Kousha Etessami,et al.  Optimizing Büchi Automata , 2000, CONCUR.

[15]  James W. Gray,et al.  Toward a mathematical foundation for information flow security , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[16]  Dorothy E. Denning,et al.  A lattice model of secure information flow , 1976, CACM.

[17]  Jan Jürjens,et al.  Secure Information Flow for Concurrent Processes , 2000, CONCUR.

[18]  Claude E. Shannon,et al.  Channels with Side Information at the Transmitter , 1958, IBM J. Res. Dev..

[19]  Michael R. Clarkson,et al.  Information-flow security for interactive programs , 2006, 19th IEEE Computer Security Foundations Workshop (CSFW'06).