The Impact of Synchronisation on Secure Information Flow in Concurrent Programs

Synchronisation is fundamental to concurrent programs. This paper investigates the security of information flow in multithreaded programs in the presence of synchronisation. We give a small-step operational semantics for a simple shared-memory multithreaded language with synchronisation, and present a compositional, timing-sensitive, bisimulation-based confidentiality specification. We propose a type-based analysis that improves on previous approaches in rejecting potentially insecure programs.
