Confidentiality for Multithreaded Programs via Bisimulation

Author

  • Andrei Sabelfeld
Abstract

In Proceedings of Andrei Ershov 5th International Conference on Perspectives of System Informatics, Akademgorodok, Novosibirsk, Russia, July 9–12, 2003. LNCS. © Springer-Verlag 2003

Bisimulation has been a popular foundation for characterizing the confidentiality properties of concurrent programs. However, because a variety of bisimulation definitions are available in the literature, it is often difficult to pin down the "right" definition for modeling a particular attacker. Focusing on timing- and probability-sensitive confidentiality for shared-memory multithreaded programs, we clarify the relation between different kinds of bisimulation by proving inclusion results. As a consequence, we derive the relationship between scheduler-specific, scheduler-independent, and strong confidentiality definitions. A key result justifying strong confidentiality is that it is the most accurate (largest) compositional indistinguishability-based confidentiality property that implies scheduler-independent confidentiality.


Similar resources

Effective verification of confidentiality for multi-threaded programs

This paper studies how confidentiality properties of multithreaded programs can be verified efficiently by a combination of newly developed and existing model checking algorithms. In particular, we study the verification of scheduler-specific observational determinism (SSOD), a property that characterizes secure information flow for multithreaded programs under a given scheduler. Scheduler-spec...


Probabilistic Noninterference for Multi-Threaded Programs

We present a probability-sensitive confidentiality specification – a form of probabilistic noninterference – for a small multi-threaded programming language with dynamic thread creation. Probabilistic covert channels arise from a scheduler which is probabilistic. Since scheduling policy is typically outside the language specification for multithreaded languages, we describe how to generalise th...


Verifying Weak Probabilistic Noninterference

Weak probabilistic noninterference is a security property for enforcing confidentiality in multi-threaded programs. It aims to guarantee secure flow of information in the program and ensure that sensitive information does not leak to attackers. In this paper, the problem of verifying weak probabilistic noninterference by leveraging formal methods, in particular algorithmic verification, is disc...


Confidential Safety via Correspondence Assertions

We study a notion of secrecy that arises naturally in adversarial systems. Let all agents agree on a space of possible values. An honest agent chooses one of these values, and aims to make sure that this particular choice cannot be reliably guessed by an adversary, even in the context of a distributed protocol. An example is an agent that uses an honest mail server to send a message, wishing to...


ADAPT: A Framework for Coscheduling Multithreaded Programs

Since multicore systems offer greater performance via parallelism, future computing is progressing towards use of multicore machines with large number of cores. However, the performance of emerging multithreaded programs often does not scale to fully utilize the available cores. Therefore, simultaneously running multiple multithreaded applications becomes inevitable to fully exploit such machin...


Publication date: 2003