Nonmalleable Information Flow: Technical Report

08/29/2017
by Ethan Cecchetti, et al.

Noninterference is a popular semantic security condition because it offers strong end-to-end guarantees, it is inherently compositional, and it can be enforced using a simple security type system. Unfortunately, it is too restrictive for real systems. Mechanisms for downgrading information are needed to capture real-world security requirements, but downgrading eliminates the strong compositional security guarantees of noninterference. We introduce nonmalleable information flow, a new formal security condition that generalizes noninterference to permit controlled downgrading of both confidentiality and integrity. While previous work on robust declassification prevents adversaries from exploiting the downgrading of confidentiality, our key insight is transparent endorsement, a mechanism for downgrading integrity while defending against adversarial exploitation. Robust declassification appeared to break the duality of confidentiality and integrity by making confidentiality depend on integrity, but transparent endorsement makes integrity depend on confidentiality, restoring this duality. We show how to extend a security-typed programming language with transparent endorsement and prove that this static type system enforces nonmalleable information flow, a new security property that subsumes robust declassification and transparent endorsement. Finally, we describe an implementation of this type system in the context of Flame, a flow-limited authorization plugin for the Glasgow Haskell Compiler.
