
Type-based Relaxed Noninterference for Free

by Minh Ngô, et al.
Stevens Institute of Technology

Despite the clear need for specifying and enforcing information flow policies, existing tools and theories either fall short of practical languages, fail to encompass the declassification needed for practical requirements, or fail to provide provable guarantees. In this paper we make progress on provable guarantees encompassing declassification by leveraging type abstraction. We translate information flow policies, with declassification, into an interface against which an unmodified standard typechecker can be applied to a source program: if the program typechecks, it provably satisfies the policy. Our proof reduces security to the mathematical foundation of data abstraction, Reynolds' abstraction theorem. By proving this result for a large fragment of pure ML, we give evidence for the potential to build sound security tools using off-the-shelf language tools and their theories.


Existential Types for Relaxed Noninterference

Information-flow security type systems ensure confidentiality by enforci...

Pifthon: A Compile-Time Information Flow Analyzer For An Imperative Language

Compile-time information flow analysis has been a promising technique fo...

First-order Gradual Information Flow Types with Gradual Guarantees

Gradual type systems seamlessly integrate statically-typed programs with...

Alignment-based Translations Across Formal Systems Using Interface Theories

Translating expressions between different logics and theorem provers is ...

LWeb: Information Flow Security for Multi-tier Web Applications

This paper presents LWeb, a framework for enforcing label-based, informa...

Secure Information Flow Connections

Denning's lattice model provided secure information flow analyses with a...

Uncovering Information Flow Policy Violations in C Programs

Programmers of cryptographic applications written in C need to avoid com...