DOI: 10.1145/3264820.3264824 (short paper)

Prudent Design Principles for Information Flow Control

Published: 15 January 2018

Abstract

Recent years have seen a proliferation of research on information flow control. While the progress has been tremendous, it has also given birth to a bewildering breed of concepts, policies, conditions, and enforcement mechanisms. Thus, when designing information flow controls for a new application domain, the designer is confronted with two basic questions: (i) What is the right security characterization for a new application domain? and (ii) What is the right enforcement mechanism for a new application domain?
This paper puts forward six informal principles for designing information flow security definitions and enforcement mechanisms: attacker-driven security, trust-aware enforcement, separation of policy annotations and code, language-independence, justified abstraction, and permissiveness. We particularly highlight the core principles of attacker-driven security and trust-aware enforcement, giving us a rationale for deliberating over soundness vs. soundiness. The principles contribute to roadmapping the state of the art in information flow security, weeding out inconsistencies from the folklore, and providing a rationale for designing information flow characterizations and enforcement mechanisms for new application domains.
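The following Python program is an added illustration, not code from the paper, of why the abstract insists on attacker-driven security and on distinguishing soundness from soundiness. It implements two dynamic monitors for a constructed three-statement language: plain taint tracking, which propagates labels only along assignments (explicit flows), and a no-sensitive-upgrade (NSU) monitor in the style of Austin and Flanagan, which also tracks implicit flows through a program-counter label. A two-run check then asks whether secret inputs 0 and 1 are distinguishable on the public channel, once for a progress-insensitive attacker and once for a progress-sensitive one who also sees whether the monitor stopped the run. The language encoding, the programs and the variable names h and l are assumptions made for this example.

```python
"""Two dynamic information-flow monitors for a tiny imperative language.

Added illustration, not code from the paper: taint tracking (explicit flows
only) versus a no-sensitive-upgrade (NSU) monitor (explicit and implicit
flows), judged under two attacker models.  The language, the program
encodings and the secret variable name h are constructed for this example.
"""
LOW, HIGH = "L", "H"


def lub(a: str, b: str) -> str:
    """Join of two labels in the two-point lattice L < H."""
    return HIGH if HIGH in (a, b) else LOW


class Blocked(Exception):
    """Raised when a monitor stops the run rather than permit a flow."""


# Expressions: ('const', v) | ('var', x) | ('op', f, e1, e2)
# Statements:  ('assign', x, e) | ('if', e, then_block, else_block) | ('out', e)
def eval_expr(e, env):
    """Return (value, label); the label joins every variable read (explicit flows)."""
    if e[0] == 'const':
        return e[1], LOW
    if e[0] == 'var':
        return env[e[1]]
    _, f, a, b = e
    va, la = eval_expr(a, env)
    vb, lb = eval_expr(b, env)
    return f(va, vb), lub(la, lb)


def run(prog, env, out, track_implicit):
    """Execute prog, appending values sent to the public channel to out.

    track_implicit=False: taint tracking; labels propagate only through
    assignments, so control dependence on a secret is invisible.
    track_implicit=True: NSU monitor; pc carries the label of the enclosing
    branch conditions, assignments are raised to pc, and writing a variable
    that is currently labelled L under a H pc is refused, because its label
    would otherwise stay L while its value now depends on the secret.
    """
    def block(stmts, pc):
        for s in stmts:
            if s[0] == 'assign':
                _, x, e = s
                v, l = eval_expr(e, env)
                if track_implicit:
                    if pc == HIGH and x in env and env[x][1] == LOW:
                        raise Blocked(f"sensitive upgrade of {x}")
                    l = lub(l, pc)
                env[x] = (v, l)
            elif s[0] == 'if':
                _, cond, then_b, else_b = s
                v, l = eval_expr(cond, env)
                block(then_b if v else else_b, lub(pc, l) if track_implicit else pc)
            elif s[0] == 'out':
                v, l = eval_expr(s[1], env)
                if lub(l, pc) == HIGH:
                    raise Blocked("secret-labelled value on the public channel")
                out.append(v)
            else:
                raise ValueError(f"unknown statement {s[0]}")
    block(prog, LOW)


def observe(prog, h, track_implicit, progress_sensitive):
    """A public observer's view of one run with secret input h.

    A progress-sensitive observer also sees whether the run ended normally
    or was stopped by the monitor; a progress-insensitive one does not.
    """
    env, out = {'h': (h, HIGH)}, []
    try:
        run(prog, env, out, track_implicit)
        end = ('END',)
    except Blocked:
        end = ('STOP',)
    return tuple(out) + (end if progress_sensitive else ())


def leaks(prog, track_implicit, progress_sensitive):
    """Two-run test: are the observations for secrets 0 and 1 distinguishable?

    Progress-insensitive observers cannot tell a stopped run from a slow one,
    so two observations where one is a prefix of the other count as equal.
    """
    o0 = observe(prog, 0, track_implicit, progress_sensitive)
    o1 = observe(prog, 1, track_implicit, progress_sensitive)
    if progress_sensitive:
        return o0 != o1
    n = min(len(o0), len(o1))
    return o0[:n] != o1[:n]


# Constructed programs.  EXPLICIT copies the secret directly; IMPLICIT writes
# only public constants but chooses which one by branching on the secret;
# OVERWRITTEN is secure (the output is always 0) yet also branches on the secret.
EXPLICIT = [('assign', 'l', ('var', 'h')), ('out', ('var', 'l'))]
IMPLICIT = [('assign', 'l', ('const', 0)),
            ('if', ('var', 'h'), [('assign', 'l', ('const', 1))], []),
            ('out', ('var', 'l'))]
OVERWRITTEN = IMPLICIT[:2] + [('assign', 'l', ('const', 0)), ('out', ('var', 'l'))]

if __name__ == "__main__":
    for name, prog in [("explicit", EXPLICIT), ("implicit", IMPLICIT), ("overwritten", OVERWRITTEN)]:
        for monitor, implicit in [("taint", False), ("NSU", True)]:
            for attacker, ps in [("progress-insensitive", False), ("progress-sensitive", True)]:
                print(f"{name:11} {monitor:5} {attacker:21} leaks={leaks(prog, implicit, ps)}")
```

Running the table shows the three points the principles are about. Taint tracking stops the explicit copy but lets IMPLICIT leak h on the public channel, which is the "soundy" position: useful against explicit flows, unsound against a code-injecting attacker who can branch on secrets. NSU closes that leak for a progress-insensitive attacker but not for a progress-sensitive one, because the monitor's own stop is observable; whether NSU counts as sound therefore depends on the attacker model, not on the monitor alone. Finally NSU rejects OVERWRITTEN even though its output never depends on h, the permissiveness cost that a more precise (for instance flow-sensitive or multi-execution) enforcement would avoid.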



Published in

PLAS '18: Proceedings of the 13th Workshop on Programming Languages and Analysis for Security
October 2018, 59 pages
ISBN: 9781450359931
DOI: 10.1145/3264820

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher: Association for Computing Machinery, New York, NY, United States

Author tags: attacker models; information flow control; principles

Qualifiers: Short paper

Conference: CCS '18

Acceptance rates: PLAS '18 accepted 2 of 4 submissions (50%); overall 43 of 77 submissions (56%)


Cited By

• Towards a General-Purpose Dynamic Information Flow Policy. 2022 IEEE 35th Computer Security Foundations Symposium (CSF), August 2022, pp. 260-275. DOI: 10.1109/CSF54842.2022.9919639
• Information Integrity. ACM Computing Surveys 54(2), 9 February 2021, pp. 1-35. DOI: 10.1145/3436817
• Reconciling progress-insensitive noninterference and declassification. 2020 IEEE 33rd Computer Security Foundations Symposium (CSF), June 2020, pp. 95-106. DOI: 10.1109/CSF49147.2020.00015
• VERONICA: Expressive and Precise Concurrent Information Flow Security. 2020 IEEE 33rd Computer Security Foundations Symposium (CSF), June 2020, pp. 79-94. DOI: 10.1109/CSF49147.2020.00014
• A Dependently Typed Library for Static Information-Flow Control in Idris. Principles of Security and Trust (POST 2019), Lecture Notes in Computer Science, 3 April 2019, pp. 51-75. DOI: 10.1007/978-3-030-17138-4_3
