Article

A Library for Secure Multi-threaded Information Flow in Haskell

Authors:

Ta-chung Tsai,

Alejandro Russo,

John HughesAuthors Info & Claims

CSF '07: Proceedings of the 20th IEEE Computer Security Foundations Symposium

Pages 187 - 202

https://doi.org/10.1109/CSF.2007.6

Published: 06 July 2007 Publication History

Publisher Site

Abstract

Li and Zdancewic have recently proposed an approach to provide information-flow security via a library rather than producing a new language from the scratch. They have shown how to implement such a library in Haskell by using arrow combinators. However, their approach only works with computations that have no side-effects. In fact, they leave as an open question how their library, and the mechanisms in it, need to be modified to consider these kind of effects. Another absent feature in the library is support for multithreaded programs. Information-flow in multi-threaded programs still remains as a challenge, and no support for that has been implemented yet. It is not surprising, then, that the two main stream compilers that provide information-flow security, Jif and FlowCaml, lack support for multithreading. Following ideas taken from literature, this paper presents an extension to Li and Zdancewic's library that provides information-flow security in presence of reference manipulation and multithreaded programs. Moreover, an onlineshopping case study has been implemented to evaluate the proposed techniques. The case study reveals that exploiting concurrency to leak secrets is feasible and dangerous in practice and how our extension helps avoiding that. To the best of our knowledge, this is the first implemented tool to guarantee information-flow security in concurrent programs and the first implementation of a case study that involves concurrency and information-flow policies.

Cited By

View all

Hirsch ACecchetti E(2021)Giving semantics to program-counter labels via secure effectsProceedings of the ACM on Programming Languages10.1145/34343165:POPL(1-29)Online publication date: 4-Jan-2021
https://dl.acm.org/doi/10.1145/3434316
Nelson LBornholt JKrishnamurthy ATorlak EWang X(2020)Noninterference specifications for secure systemsACM SIGOPS Operating Systems Review10.1145/3421473.342147854:1(31-39)Online publication date: 31-Aug-2020
https://dl.acm.org/doi/10.1145/3421473.3421478
Vassena MRusso AGarg DRajani VStefan D(2019)From fine- to coarse-grained dynamic information flow control and backProceedings of the ACM on Programming Languages10.1145/32903893:POPL(1-31)Online publication date: 2-Jan-2019
https://dl.acm.org/doi/10.1145/3290389
Show More Cited By

Index Terms

A Library for Secure Multi-threaded Information Flow in Haskell

Recommendations

A library for light-weight information-flow security in haskell
HASKELL '08

Protecting confidentiality of data has become increasingly important for computing systems. Information-flow techniques have been developed over the years to achieve that purpose, leading to special-purpose languages that guarantee information-flow ...
A library for light-weight information-flow security in haskell
Haskell '08: Proceedings of the first ACM SIGPLAN symposium on Haskell

Protecting confidentiality of data has become increasingly important for computing systems. Information-flow techniques have been developed over the years to achieve that purpose, leading to special-purpose languages that guarantee information-flow ...
Encoding Information Flow in Haskell
CSFW '06: Proceedings of the 19th IEEE workshop on Computer Security Foundations

This paper presents an embedded security sublanguage for enforcing information-flow policies in the standard Haskell programming language. The sublanguage provides useful information-flow control mechanisms including dynamic security lattices, run-time ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

CSF '07: Proceedings of the 20th IEEE Computer Security Foundations Symposium

July 2007

394 pages

ISBN:0769528198

Publisher

IEEE Computer Society

United States

Publication History

Published: 06 July 2007

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

21
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 23 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Hirsch ACecchetti E(2021)Giving semantics to program-counter labels via secure effectsProceedings of the ACM on Programming Languages10.1145/34343165:POPL(1-29)Online publication date: 4-Jan-2021
https://dl.acm.org/doi/10.1145/3434316
Nelson LBornholt JKrishnamurthy ATorlak EWang X(2020)Noninterference specifications for secure systemsACM SIGOPS Operating Systems Review10.1145/3421473.342147854:1(31-39)Online publication date: 31-Aug-2020
https://dl.acm.org/doi/10.1145/3421473.3421478
Vassena MRusso AGarg DRajani VStefan D(2019)From fine- to coarse-grained dynamic information flow control and backProceedings of the ACM on Programming Languages10.1145/32903893:POPL(1-31)Online publication date: 2-Jan-2019
https://dl.acm.org/doi/10.1145/3290389
Sigurbjarnarson HNelson LCastro-Karney BBornholt JTorlak EWang XArpaci-Dusseau AVoelker G(2018)NickelProceedings of the 13th USENIX conference on Operating Systems Design and Implementation10.5555/3291168.3291190(287-305)Online publication date: 8-Oct-2018
https://dl.acm.org/doi/10.5555/3291168.3291190
Vassena MRusso AMurray TStefan D(2016)On Formalizing Information-Flow Control LibrariesProceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security10.1145/2993600.2993608(15-28)Online publication date: 24-Oct-2016
https://dl.acm.org/doi/10.1145/2993600.2993608
Buiras PVytiniotis DRusso A(2015)HLIO: mixing static and dynamic typing for information-flow control in HaskellACM SIGPLAN Notices10.1145/2858949.278475850:9(289-301)Online publication date: 29-Aug-2015
https://dl.acm.org/doi/10.1145/2858949.2784758
Buiras PVytiniotis DRusso AFisher KReppy J(2015)HLIO: mixing static and dynamic typing for information-flow control in HaskellProceedings of the 20th ACM SIGPLAN International Conference on Functional Programming10.1145/2784731.2784758(289-301)Online publication date: 29-Aug-2015
https://dl.acm.org/doi/10.1145/2784731.2784758
Hassan DSabry ALazarus RKfoury ABeal J(2013)Encoding secure information flow with restricted delegation and revocation in HaskellProceedings of the 1st annual workshop on Functional programming concepts in domain-specific languages10.1145/2505351.2505354(11-18)Online publication date: 22-Sep-2013
https://dl.acm.org/doi/10.1145/2505351.2505354
Terei DMarlow SPeyton Jones SMazières D(2012)Safe haskellACM SIGPLAN Notices10.1145/2430532.236452447:12(137-148)Online publication date: 13-Sep-2012
https://dl.acm.org/doi/10.1145/2430532.2364524
Muller SChong S(2012)Towards a practical secure concurrent languageACM SIGPLAN Notices10.1145/2398857.238462147:10(57-74)Online publication date: 19-Oct-2012
https://dl.acm.org/doi/10.1145/2398857.2384621
Show More Cited By

Abstract

Cited By

Index Terms

Recommendations

A library for light-weight information-flow security in haskell

A library for light-weight information-flow security in haskell

Encoding Information Flow in Haskell

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations