
Typed-based Relaxed Noninterference for Free

05/02/2019
by Minh Ngô, et al.
Inria
Stevens Institute of Technology

Despite the clear need for specifying and enforcing information flow policies, existing tools and theories either fall short of practical languages, fail to encompass the declassification needed for practical requirements, or fail to provide provable guarantees. In this paper we make progress on provable guarantees encompassing declassification by leveraging type abstraction. We translate information flow policies, with declassification, into an interface to which an unmodified standard typechecker can be applied on a source program: if the program typechecks, it provably satisfies the policy. Our proof reduces security to the mathematical foundation of data abstraction, Reynolds' abstraction theorem. By proving this result for a large fragment of pure ML, we give evidence for the potential to build sound security tools using off-the-shelf language tools and their theories.
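The abstract's central move, a confidentiality policy with declassification expressed as a type interface that an ordinary typechecker then enforces, can be illustrated with a small added example. This is not code from the paper (which targets a fragment of ML); it uses Rust's module privacy as the abstraction mechanism, and the policy "a client may learn only the parity of the secret" and the names `Secret`, `classify`, `parity`, `report` and `indistinguishable` are all constructed for this illustration.

```rust
// Added example, not from the paper. The `policy` module plays the role of the
// interface the paper derives from an information flow policy: the secret's
// representation is abstract to clients, and the only way to observe it is the
// declassifier the policy permits (here: parity).
mod policy {
    // Abstract type: the field is private, so no client can read the raw value.
    pub struct Secret(u64);

    // Classify a plain value as a secret.
    pub fn classify(v: u64) -> Secret {
        Secret(v)
    }

    // The sole declassifier allowed by the (constructed) policy.
    pub fn parity(s: &Secret) -> bool {
        s.0 % 2 == 0
    }
}

// Untrusted client code: it only sees the interface exported by `policy`.
mod client {
    use super::policy::{parity, Secret};

    // Typechecks, because it uses only the permitted declassifier. By type
    // abstraction it can therefore depend on the secret only through parity.
    pub fn report(s: &Secret) -> String {
        if parity(s) {
            "even".to_string()
        } else {
            "odd".to_string()
        }
    }

    // Would be rejected by the typechecker (field `0` of `Secret` is private),
    // which is exactly the flow the policy forbids:
    // pub fn leak(s: &Secret) -> u64 { s.0 }
}

// Relaxed noninterference as an observable property: two secrets that agree
// on the declassified view (parity) must be indistinguishable to the client.
pub fn indistinguishable(a: u64, b: u64) -> bool {
    let sa = policy::classify(a);
    let sb = policy::classify(b);
    client::report(&sa) == client::report(&sb)
}

// Convenience wrapper so a caller outside these modules can exercise the client.
pub fn describe(v: u64) -> String {
    client::report(&policy::classify(v))
}

fn main() {
    // 2 and 4 share parity, so the client cannot tell them apart; 2 and 3 differ.
    println!("2 vs 4 indistinguishable: {}", indistinguishable(2, 4));
    println!("2 vs 3 indistinguishable: {}", indistinguishable(2, 3));
}
```

The check in `indistinguishable` is a runtime witness of the property, but the guarantee itself comes from the compile-time rejection of the commented-out `leak`: a client that typechecks against the interface has no way to depend on anything but the declassified view, which is the sense in which the abstract says security follows from the abstraction theorem rather than from a security-specific analysis.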
