Article

Securing Interaction between Threads and the Scheduler

Authors:

Alejandro Russo,

Andrei SabelfeldAuthors Info & Claims

CSFW '06: Proceedings of the 19th IEEE workshop on Computer Security Foundations

Pages 177 - 189

https://doi.org/10.1109/CSFW.2006.29

Published: 05 July 2006 Publication History

Publisher Site

Abstract

The problem of information flow in multithreaded programs remains an important open challenge. Existing approaches to specifying and enforcing information-flow security often suffer from over-restrictiveness, relying on non-standard semantics, lack of compositionality, inability to handle dynamic threads, scheduler dependence, and efficiency overhead for code that results from securityenforcing transformations. This paper suggests a remedy for some of these shortcomings by developing a novel treatment of the interaction between threads and the scheduler. As a result, we present a permissive noninterference-like security specification and a compositional security type system that provably enforces this specification. The type system guarantees security for a wide class of schedulers and provides a flexible and efficiency-friendly treatment of dynamic threads.

Cited By

View all

Vassena MRusso AMurray TStefan D(2016)On Formalizing Information-Flow Control LibrariesProceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security10.1145/2993600.2993608(15-28)Online publication date: 24-Oct-2016
https://dl.acm.org/doi/10.1145/2993600.2993608
Iranmanesh ZFallah M(2016)Specification and static enforcement of scheduler-independent noninterference in a middleweight JavaComputer Languages, Systems and Structures10.1016/j.cl.2016.05.00346:C(20-43)Online publication date: 1-Nov-2016
https://dl.acm.org/doi/10.1016/j.cl.2016.05.003
Heule SStefan DYang EMitchell JRusso A(2015)IFC InsideProceedings of the 4th International Conference on Principles of Security and Trust - Volume 903610.1007/978-3-662-46666-7_2(11-31)Online publication date: 11-Apr-2015
https://dl.acm.org/doi/10.1007/978-3-662-46666-7_2
Show More Cited By

Index Terms

Securing Interaction between Threads and the Scheduler
1. Security and privacy
  1. Systems security
    1. Operating systems security
2. Software and its engineering
  1. Software organization and properties
    1. Contextual software domains
      1. Operating systems
        Process management
        Multithreading
        Scheduling

Recommendations

Avoiding scheduler subversion using scheduler-cooperative locks
EuroSys '20: Proceedings of the Fifteenth European Conference on Computer Systems

We introduce the scheduler subversion problem, where lock usage patterns determine which thread runs, thereby subverting CPU scheduling goals. To mitigate this problem, we introduce Scheduler-Cooperative Locks (SCLs), a new family of locking primitives ...
Execution privatization for scheduler-oblivious concurrent programs
OOPSLA '12: Proceedings of the ACM international conference on Object oriented programming systems languages and applications

Making multithreaded execution less non-deterministic is a promising solution to address the difficulty of concurrent programming plagued by the non-deterministic thread scheduling. In fact, a vast category of concurrent programs are scheduler-oblivious:...
Execution privatization for scheduler-oblivious concurrent programs
OOPSLA '12

Making multithreaded execution less non-deterministic is a promising solution to address the difficulty of concurrent programming plagued by the non-deterministic thread scheduling. In fact, a vast category of concurrent programs are scheduler-oblivious:...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

CSFW '06: Proceedings of the 19th IEEE workshop on Computer Security Foundations

July 2006

307 pages

ISBN:0769526152

Publisher

IEEE Computer Society

United States

Publication History

Published: 05 July 2006

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

25
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 23 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Vassena MRusso AMurray TStefan D(2016)On Formalizing Information-Flow Control LibrariesProceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security10.1145/2993600.2993608(15-28)Online publication date: 24-Oct-2016
https://dl.acm.org/doi/10.1145/2993600.2993608
Iranmanesh ZFallah M(2016)Specification and static enforcement of scheduler-independent noninterference in a middleweight JavaComputer Languages, Systems and Structures10.1016/j.cl.2016.05.00346:C(20-43)Online publication date: 1-Nov-2016
https://dl.acm.org/doi/10.1016/j.cl.2016.05.003
Heule SStefan DYang EMitchell JRusso A(2015)IFC InsideProceedings of the 4th International Conference on Principles of Security and Trust - Volume 903610.1007/978-3-662-46666-7_2(11-31)Online publication date: 11-Apr-2015
https://dl.acm.org/doi/10.1007/978-3-662-46666-7_2
Buiras PLevy AStefan DRusso AMazières D(2013)A Library for Removing Cache-Based Attacks in Concurrent Information Flow Systems8th International Symposium on Trustworthy Global Computing - Volume 835810.1007/978-3-319-05119-2_12(199-216)Online publication date: 30-Aug-2013
https://dl.acm.org/doi/10.1007/978-3-319-05119-2_12
Muller SChong S(2012)Towards a practical secure concurrent languageACM SIGPLAN Notices10.1145/2398857.238462147:10(57-74)Online publication date: 19-Oct-2012
https://dl.acm.org/doi/10.1145/2398857.2384621
Stefan DRusso ABuiras PLevy AMitchell JMaziéres D(2012)Addressing covert termination and timing channels in concurrent information flow systemsACM SIGPLAN Notices10.1145/2398856.236455747:9(201-214)Online publication date: 9-Sep-2012
https://dl.acm.org/doi/10.1145/2398856.2364557
Muller SChong SLeavens GDwyer M(2012)Towards a practical secure concurrent languageProceedings of the ACM international conference on Object oriented programming systems languages and applications10.1145/2384616.2384621(57-74)Online publication date: 19-Oct-2012
https://dl.acm.org/doi/10.1145/2384616.2384621
Stefan DRusso ABuiras PLevy AMitchell JMaziéres DThiemann PFindler R(2012)Addressing covert termination and timing channels in concurrent information flow systemsProceedings of the 17th ACM SIGPLAN international conference on Functional programming10.1145/2364527.2364557(201-214)Online publication date: 9-Sep-2012
https://dl.acm.org/doi/10.1145/2364527.2364557
Zhang DAskarov AMyers A(2012)Language-based control and mitigation of timing channelsACM SIGPLAN Notices10.1145/2345156.225407847:6(99-110)Online publication date: 11-Jun-2012
https://dl.acm.org/doi/10.1145/2345156.2254078
Zhang DAskarov AMyers AVitek JLin HTip F(2012)Language-based control and mitigation of timing channelsProceedings of the 33rd ACM SIGPLAN Conference on Programming Language Design and Implementation10.1145/2254064.2254078(99-110)Online publication date: 11-Jun-2012
https://dl.acm.org/doi/10.1145/2254064.2254078
Show More Cited By

Abstract

Cited By

Index Terms

Recommendations

Avoiding scheduler subversion using scheduler-cooperative locks

Execution privatization for scheduler-oblivious concurrent programs

Execution privatization for scheduler-oblivious concurrent programs

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations