Formal Verification of Language-Based Concurrent Noninterference
نویسندگان
چکیده
We perform a formal analysis of compositionality techniques for proving possibilistic noninterference for a while language with parallel composition. We develop a uniform framework where we express a wide range of noninterference variants from the literature and compare them w.r.t. their contracts: the strength of the security properties they ensure weighed against the harshness of the syntactic conditions they enforce. This results in a simple implementable algorithm for proving that a program has a specific noninterference property, using only compositionality, which captures uniformly several security type-system results from the literature and suggests a further improved type system. All formalism and theorems have been mechanically verified in Isabelle/HOL.
منابع مشابه
A Dependent Security Type System for Concurrent Imperative Programs
The paper “Compositional Verification and Refinement of Concurrent Value-Dependent Noninterference” by Murray et. al. [MSPR16] presents a dependent security type system for compositionally verifying a value-dependent noninterference property, defined in [Mur15], for concurrent programs. This development formalises that security definition, the type system and its soundness proof, and demonstrat...
متن کاملComponent-oriented verification of noninterference
Component-based software engineering often relies on libraries of trusted components that are combined to build dependable and secure software systems. Resource dependences, constraint conflicts, and information flow interferences arising from component combination that may violate security requirements can be revealed by means of the noninterference approach to information flow analysis. Howev...
متن کاملPer-Thread Compositional Compilation for Confidentiality-Preserving Concurrent Programs
Recent work has demonstrated that per-thread compositional verification of value-dependent noninterference is feasible for concurrent programs: Murray et al. [9] presented a type system that, when applied individually to each of the threads of a concurrent program, can be used to establish that the entire program does not at any time leak high-classified data to any presently low-classified, re...
متن کاملObservational Determinism for Concurrent Program Security
Noninterference is a property of sequential programs that is useful for expressing security policies for data confidentiality and integrity. However, extending noninterference to concurrent programs has proved problematic. In this paper we present a relatively expressive secure concurrent language. This language, based on existing concurrent calculi, provides first-class channels, higher-order ...
متن کاملVerifying Weak Probabilistic Noninterference
Weak probabilistic noninterference is a security property for enforcing confidentiality in multi-threaded programs. It aims to guarantee secure flow of information in the program and ensure that sensitive information does not leak to attackers. In this paper, the problem of verifying weak probabilistic noninterference by leveraging formal methods, in particular algorithmic verification, is disc...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- J. Formalized Reasoning
دوره 6 شماره
صفحات -
تاریخ انتشار 2013