The Impact of Synchronisation on Secure Information Flow in Concurrent Programs
Author
Abstract
Synchronisation is fundamental to concurrent programs. This paper investigates the security of information flow in multi-threaded programs in the presence of synchronisation. We give a small-step operational semantics for a simple shared-memory multi-threaded language with synchronisation, and present a compositional timing-sensitive bisimulation-based confidentiality specification. We propose a type-based analysis improving on previous approaches to reject potentially insecure programs.
Similar resources
Secure Information Flow in Orc (DRAFT)
Secure information flow attempts to verify that programs do not leak information to unauthorized third parties. Previous approaches to secure information flow have considered classical sequential languages and concurrent languages based on channels. In this work, we demonstrate how techniques from secure information flow can be used to verify security properties of structured concurrent workflo...
A Theorem Proving Approach to Secure Information Flow in Concurrent Programs (Extended Abstract)
We present an approach to formally prove secure information flow in multi-threaded programs. We start with a precise formalization of noninterference in dynamic logic and then use the rely/guarantee approach to reduce this to thread-modular properties, that can be checked locally. A sound and complete calculus ensures that these properties can be proven without false positives. Currently, we wo...
Secure Information Flow in the Orc Concurrent Programming Language Project Report
Orc is a concurrent, functional-like programming language. We extend Orc’s type system with secure typing, to control the flow of information through programs according to a security policy. This policy is encoded in a lattice of labels that can be applied to values. The partial order of labels specifies the allowed information flows. The impact of Orc’s design and of concurrency in general are...
Stateless Code Model Checking of Information Flow Security
Observational determinism is a security property that characterizes secure information flow for multithreaded programs. Most of the methods that have been used to verify observational determinism are based on either type systems or conventional model checking techniques. A conventional model checker is stateful and often verifies a system model usually constructed manually. As these methods are...
Towards a High-Level Multimedia Modelling & Synchronisation Environment Based on Constraint Programming
The problem of modelling and synchronisation of multimedia objects is addressed in the declarative logic programming setting and in particular within the framework of (object-oriented) timed concurrent constraint programming (OO-TCCP). The real-time extensions that have been proposed for the concurrent constraint programming framework are coupled with the object-oriented and inheritance mechanis...
Journal title:
Volume, issue
Pages -
Publication date 2001