Certification of programs for secure information flow

This paper presents a certification mechanism for verifying the secure flow of information through a program. Because it exploits the properties of a lattice structure among security classes, the procedure is sufficiently simple that it can easily be included in the analysis phase of most existing compilers. Appropriate semantics are presented and proved correct. An important application is the confinement problem: the mechanism can prove that a program cannot cause supposedly nonconfidential results to depend on confidential input data.
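As an added illustration (not code from the paper), the following Python certifier shows the kind of compile-time check the abstract describes. Security classes are sets of categories ordered by inclusion, so they form a lattice whose join is set union and whose flow relation is subset. The checker walks a constructed toy AST and rejects explicit flows (an assignment whose sources are not below the target's class) and implicit flows (an assignment controlled by a confidential condition). The condition-tracking is expressed in "program counter" style, which is an equivalent formulation of the conditional and loop rules rather than the paper's own notation; the statement forms, variable names and class assignments below are all constructed for the example.

```python
"""Added example: a lattice-based flow certifier for a toy imperative language.

Security classes are sets of categories ordered by inclusion (a powerset
lattice): join is set union, and information may flow from class A to class B
only when A is a subset of B.  The certifier walks a small AST and checks that
every explicit flow (an assignment) and every implicit flow (an assignment
inside a conditional or loop) respects the lattice.
"""
from typing import Dict, FrozenSet, List, Sequence

SecurityClass = FrozenSet[str]
PUBLIC: SecurityClass = frozenset()   # bottom of the lattice; constants live here


def join(a: SecurityClass, b: SecurityClass) -> SecurityClass:
    """Least upper bound in the powerset lattice (set union)."""
    return a | b


def flows_to(a: SecurityClass, b: SecurityClass) -> bool:
    """Flow relation: information in class a may move to class b iff a <= b."""
    return a <= b


def fmt(c: SecurityClass) -> str:
    return "{" + ",".join(sorted(c)) + "}" if c else "public"


def class_of_expr(reads: Sequence[str], classes: Dict[str, SecurityClass]) -> SecurityClass:
    """Class of an expression = join of the classes of every variable it reads."""
    result = PUBLIC
    for name in reads:
        result = join(result, classes[name])
    return result


def certify(program, classes: Dict[str, SecurityClass], pc: SecurityClass = PUBLIC) -> List[str]:
    """Return a list of flow violations; an empty list means the program is certified.

    Statements are tuples (constructed toy AST, not the paper's syntax):
      ("assign", target, reads)            -- target := f(reads)
      ("if", reads, then_body, else_body)  -- branches depend on f(reads)
      ("while", reads, body)               -- loop body depends on f(reads)
    `pc` is the join of the classes of all enclosing conditions; it carries the
    implicit flow from a condition into every assignment it controls.
    """
    violations: List[str] = []
    for stmt in program:
        kind = stmt[0]
        if kind == "assign":
            _, target, reads = stmt
            source = join(class_of_expr(reads, classes), pc)
            if not flows_to(source, classes[target]):
                violations.append(
                    f"{target} := f({', '.join(reads) or 'const'}): "
                    f"{fmt(source)} does not flow to {fmt(classes[target])}"
                )
        elif kind == "if":
            _, reads, then_body, else_body = stmt
            inner_pc = join(pc, class_of_expr(reads, classes))
            violations += certify(then_body, classes, inner_pc)
            violations += certify(else_body, classes, inner_pc)
        elif kind == "while":
            _, reads, body = stmt
            violations += certify(body, classes, join(pc, class_of_expr(reads, classes)))
        else:
            raise ValueError(f"unknown statement kind: {kind}")
    return violations


# Constructed sample: a confinement scenario.  `secret` is confidential input,
# `out` is a supposedly nonconfidential result.
CONF = frozenset({"confidential"})
CLASSES: Dict[str, SecurityClass] = {
    "secret": CONF, "scratch": CONF, "x": PUBLIC, "out": PUBLIC,
}

EXPLICIT_LEAK = [("assign", "out", ("secret",))]
IMPLICIT_LEAK = [("if", ("secret",), [("assign", "out", ())], [])]
LOOP_LEAK = [("while", ("secret",), [("assign", "out", ("x",))])]
CONFINED = [
    ("assign", "scratch", ("secret", "x")),               # public join confidential -> confidential: ok
    ("if", ("secret",), [("assign", "scratch", ())], []),  # implicit flow stays confidential: ok
    ("assign", "out", ("x",)),                            # public -> public: ok
]

if __name__ == "__main__":
    for name, prog in [("explicit", EXPLICIT_LEAK), ("implicit", IMPLICIT_LEAK),
                       ("loop", LOOP_LEAK), ("confined", CONFINED)]:
        print(name, certify(prog, CLASSES) or "certified")
```

Because the lattice is a powerset, classes such as {medical} and {payroll} are incomparable: neither flows to the other, but both flow to their join {medical, payroll}. That is what makes the check a single pass over the program: every expression has one well-defined class, and the only question at each assignment is whether that class is below the target's.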
