Article

Timing- and Termination-Sensitive Secure Information Flow: Exploring a New Approach

Authors:

Vineeth Kashyap,

Ben Wiedermann,

Ben HardekopfAuthors Info & Claims

SP '11: Proceedings of the 2011 IEEE Symposium on Security and Privacy

Pages 413 - 428

https://doi.org/10.1109/SP.2011.19

Published: 22 May 2011 Publication History

Abstract

Secure information flow guarantees the secrecy and integrity of data, preventing an attacker from learning secret information (secrecy) or injecting untrusted information (integrity). Covert channels can be used to subvert these security guarantees, for example, timing and termination channels can, either intentionally or inadvertently, violate these guarantees by modifying the timing or termination behavior of a program based on secret or untrusted data. Attacks using these covert channels have been published and are known to work in practiceâ "as techniques to prevent non-covert channels are becoming increasingly practical, covert channels are likely to become even more attractive for attackers to exploit. The goal of this paper is to understand the subtleties of timing- and termination-sensitive noninterference, explore the space of possible strategies for enforcing noninterference guarantees, and formalize the exact guarantees that these strategies can enforce. As a result of this effort we create a novel strategy that provides stronger security guarantees than existing work, and we clarify claims in existing work about what guarantees can be made.

Cited By

View all

Miao YKandemir MZhang DZhang YTan GWu D(2023)Hardware Support for Constant-Time ProgrammingProceedings of the 56th Annual IEEE/ACM International Symposium on Microarchitecture10.1145/3613424.3623796(856-870)Online publication date: 28-Oct-2023
https://dl.acm.org/doi/10.1145/3613424.3623796
Hecker MBischof SSnelting G(2021)On Time-sensitive Control DependenciesACM Transactions on Programming Languages and Systems10.1145/348600344:1(1-37)Online publication date: 9-Dec-2021
https://dl.acm.org/doi/10.1145/3486003
Busi MNoorman JVan Bulck JGalletta LDegano PMühlberg JPiessens F(2021)Securing Interruptible Enclaved Execution on Small MicroprocessorsACM Transactions on Programming Languages and Systems10.1145/347053443:3(1-77)Online publication date: 3-Sep-2021
https://dl.acm.org/doi/10.1145/3470534
Show More Cited By

Index Terms

Timing- and Termination-Sensitive Secure Information Flow: Exploring a New Approach

Recommendations

Addressing covert termination and timing channels in concurrent information flow systems
ICFP '12: Proceedings of the 17th ACM SIGPLAN international conference on Functional programming

When termination of a program is observable by an adversary, confidential information may be leaked by terminating accordingly. While this termination covert channel has limited bandwidth for sequential programs, it is a more dangerous source of ...
Timing-Sensitive Synchronization for Efficient Secure Multi-Execution
CCSW'19: Proceedings of the 2019 ACM SIGSAC Conference on Cloud Computing Security Workshop

Secure Multi-Execution (SME) is a promising solution for precise automatic information flow control that can be used to transform potentially vulnerable programs into secure variants. However, due to the multi-execution, it comes with high resource ...
Language-based information-flow security

Current standard security practices do not provide substantial assurance that the end-to-end behavior of a computing system satisfies important security policies such as confidentiality. An end-to-end confidentiality policy might assert that secret ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

SP '11: Proceedings of the 2011 IEEE Symposium on Security and Privacy

May 2011

527 pages

ISBN:9780769544021

Publisher

IEEE Computer Society

United States

Publication History

Published: 22 May 2011

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

38
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 18 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Miao YKandemir MZhang DZhang YTan GWu D(2023)Hardware Support for Constant-Time ProgrammingProceedings of the 56th Annual IEEE/ACM International Symposium on Microarchitecture10.1145/3613424.3623796(856-870)Online publication date: 28-Oct-2023
https://dl.acm.org/doi/10.1145/3613424.3623796
Hecker MBischof SSnelting G(2021)On Time-sensitive Control DependenciesACM Transactions on Programming Languages and Systems10.1145/348600344:1(1-37)Online publication date: 9-Dec-2021
https://dl.acm.org/doi/10.1145/3486003
Busi MNoorman JVan Bulck JGalletta LDegano PMühlberg JPiessens F(2021)Securing Interruptible Enclaved Execution on Small MicroprocessorsACM Transactions on Programming Languages and Systems10.1145/347053443:3(1-77)Online publication date: 3-Sep-2021
https://dl.acm.org/doi/10.1145/3470534
Pfeffer TGlesner SSion RPapamanthou C(2019)Timing-Sensitive Synchronization for Efficient Secure Multi-ExecutionProceedings of the 2019 ACM SIGSAC Conference on Cloud Computing Security Workshop10.1145/3338466.3358914(153-164)Online publication date: 11-Nov-2019
https://dl.acm.org/doi/10.1145/3338466.3358914
Pfeffer TGöthel TGlesner SAhn GThuraisingham BKantarcioglu MKrishnan R(2019)Efficient and Precise Information Flow Control for Machine Code through Demand-Driven Secure Multi-ExecutionProceedings of the Ninth ACM Conference on Data and Application Security and Privacy10.1145/3292006.3300040(197-208)Online publication date: 13-Mar-2019
https://dl.acm.org/doi/10.1145/3292006.3300040
Alpernas KFlanagan CFouladi SRyzhyk LSagiv MSchmitz TWinstein K(2018)Secure serverless computing using dynamic information flow controlProceedings of the ACM on Programming Languages10.1145/32764882:OOPSLA(1-26)Online publication date: 24-Oct-2018
https://dl.acm.org/doi/10.1145/3276488
Schmitz TAlgehed MFlanagan CRusso ALie DMannan MBackes MWang X(2018)Faceted Secure Multi ExecutionProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security10.1145/3243734.3243806(1617-1634)Online publication date: 15-Oct-2018
https://dl.acm.org/doi/10.1145/3243734.3243806
Hunt TZhu ZXu YPeter SWitchel E(2018)RyoanACM Transactions on Computer Systems10.1145/323159435:4(1-32)Online publication date: 16-Dec-2018
https://dl.acm.org/doi/10.1145/3231594
Ngo MBielova NFlanagan CRezk TRusso ASchmitz TChampin PGandon FMédini LLalmas MIpeirotis P(2018)A Better Facet of Dynamic Information Flow ControlCompanion Proceedings of the The Web Conference 201810.1145/3184558.3185979(731-739)Online publication date: 23-Apr-2018
https://dl.acm.org/doi/10.1145/3184558.3185979
Cabon GSchmitt ABielova NGaboardi M(2017)Annotated Multisemantics To Prove Non-Interference AnalysesProceedings of the 2017 Workshop on Programming Languages and Analysis for Security10.1145/3139337.3139344(49-62)Online publication date: 30-Oct-2017
https://dl.acm.org/doi/10.1145/3139337.3139344
Show More Cited By

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

Cited By

Index Terms

Recommendations

Addressing covert termination and timing channels in concurrent information flow systems

Timing-Sensitive Synchronization for Efficient Secure Multi-Execution

Language-based information-flow security

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations