Type systems equivalent to data-flow analyses for imperative languages

We show that a large class of data-flow analyses for imperative languages are describable as type systems in the following technical sense: possible results of an analysis can be described in a language of types so that a program checks with a type if and only if this type is a supertype of the result of applying the analysis. Type-checking is easy with the help of a certificate that records the "eureka"-bits of a typing derivation. Certificate-assisted type-checking amounts to a form of lightweight analysis à la Rose. For secure information flow, we obtain a type system that is considerably more precise than that of Volpano et al., but not more sophisticated. Importantly, our type systems are compositional.
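As an added example (not code from the paper), the correspondence described above for a flow-sensitive secure-information-flow analysis over a toy imperative language: the analysis iterates loops to a fixpoint and records the loop-head environments as the certificate, and a checker given that certificate re-derives the typing in one pass, accepting exactly the types that are supertypes of the analysis result. The AST encoding, the two-point level lattice and the names `derive`, `analyse` and `typechecks` are assumptions; the program `x := h; x := 0; l := x` is accepted here, whereas a typing with one fixed level per variable in the style of Volpano et al. must give `x` level H and reject it.

```python
# Added example (not the paper's code): flow-sensitive information-flow analysis
# plus a certificate-assisted checker. Levels 'L' (public) < 'H' (secret); an
# environment (a "type") maps variables to levels. Constructed AST forms:
# ('assign', x, {vars read}), ('if', {cond vars}, then, else), ('while', id, {cond vars}, body)
RANK = {'L': 0, 'H': 1}
def join(a, b): return a if RANK[a] >= RANK[b] else b
def join_env(e1, e2): return {v: join(e1[v], e2[v]) for v in e1}
def env_leq(e1, e2): return all(RANK[e1[v]] <= RANK[e2[v]] for v in e1)  # pointwise subtyping
def expr_level(vars_, env, pc):  # level of an expression read under program-counter level pc
    return max([pc, *(env[v] for v in vars_)], key=RANK.get)

def derive(stmts, env, pc, cert, checking):
    """Forward pass from env. Analysis mode iterates each loop to its least fixpoint and
    records it in cert; checking mode reads the loop invariant from cert and verifies it in
    one pass, returning None if the certificate does not justify a typing derivation."""
    for s in stmts:
        if s[0] == 'assign':
            env = {**env, s[1]: expr_level(s[2], env, pc)}
        elif s[0] == 'if':
            pc2 = expr_level(s[1], env, pc)  # branching on a secret raises the pc
            t = derive(s[2], env, pc2, cert, checking)
            e = derive(s[3], env, pc2, cert, checking)
            if t is None or e is None:
                return None
            env = join_env(t, e)
        else:
            _, lid, cond, body = s
            inv = cert[lid] if checking else env  # the 'eureka' bit, claimed or computed
            while True:
                post = derive(body, inv, expr_level(cond, inv, pc), cert, checking)
                if post is None:
                    return None
                nxt = join_env(inv, post)  # nxt == inv iff inv is closed under the loop body
                if checking or nxt == inv:
                    break
                inv = nxt
            if checking and not (env_leq(env, inv) and nxt == inv):
                return None  # the claimed invariant is not one
            cert[lid] = env = inv
    return env

def analyse(stmts, env_in):
    cert = {}  # filled with the fixpoint environment at each loop head
    return derive(stmts, env_in, 'L', cert, False), cert

def typechecks(stmts, env_in, typ, cert):
    """Program checks with type env_in -> typ iff the derived result is a subtype of typ."""
    out = derive(stmts, env_in, 'L', cert, True)
    return out is not None and env_leq(out, typ)
```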

[1] Peeter Laud et al. Eliminating Counterevidence with Applications to Accountable Certificate Management, 2002, J. Comput. Secur.

[2] Tobias Nipkow et al. Verified lightweight bytecode verification, 2001, Concurr. Comput. Pract. Exp.

[3] Peter J. Denning et al. Certification of programs for secure information flow, 1977, CACM.

[4] Geoffrey Smith et al. A Sound Type System for Secure Flow Analysis, 1996, J. Comput. Secur.

[5] Gregory R. Andrews et al. An Axiomatic Approach to Information Flow in Programs, 1980, TOPL.

[6] Patrick Cousot et al. Types as abstract interpretations, 1997, POPL '97.

[7] Peeter Laud. Semantics and Program Analysis of Computationally Secure Information Flow, 2001, ESOP.

[8] Nevin Heintze et al. Control-Flow Analysis and Type Systems, 1995, SAS.

[9] George C. Necula et al. Oracle-based checking of untrusted software, 2001, POPL '01.

[10] Torben Amtoft et al. Faithful Translations between Polyvariant Flows and Polymorphic Types, 2000, ESOP.

[11] Manuel V. Hermenegildo et al. Abstraction-Carrying Code, 2005, LPAR.

[12] Flemming Nielson et al. Principles of Program Analysis, 1999, Springer Berlin Heidelberg.

[13] Peeter Laud. Handling Encryption in Analyses for Secure Information Flow, 2001.

[14] Jens Palsberg et al. A type system equivalent to a model checker, 2008, TOPL.

[15] Torben Amtoft et al. Information Flow Analysis in Logical Form, 2004, SAS.

[16] Jens Palsberg et al. A type system equivalent to flow analysis, 1995, TOPL.

[17] Jens Palsberg et al. From polyvariant flow information to intersection and union types, 1998, POPL '98.

[18] Douglas R. Stinson et al. Cryptography: Theory and Practice, 1995.

[19] Eva Rose et al. Lightweight Bytecode Verification, 2004, Journal of Automated Reasoning.

[20] David Sands et al. On flow-sensitive security types, 2006, POPL '06.

[21] Douglas R. Stinson et al. Cryptography: Theory and Practice, Second Edition, 2002.