Abstract
A classic problem in security is to determine whether a program has secure information flow. Informally, this problem is described as follows: Given a program with variables partitioned into two disjoint sets of “high-security” and “low-security” variables, check whether observations of the low-security variables reveal any information about the initial values of the high-security variables. Although the problem has been studied for several decades, most previous approaches have been syntactic in nature, often using type systems and compiler data flow analysis techniques to analyze program texts. This paper presents a considerably different approach to checking secure information flow, based on a semantic characterization. A semantic approach has several desirable features. Firstly, it gives a more precise characterization of security than that provided by most previous approaches. Secondly, it applies to any programming constructs whose semantics are definable; for instance, the introduction of nondeterminism and exceptions poses no additional problems. Thirdly, it can be used for reasoning about indirect leaking of information through variations in program behavior (e.g., whether or not the program terminates).
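The problem statement above can be made concrete on a finite state space: if every initial state is a pair (h, l) over a small domain, a program's semantics is a map from an initial state to the set of its possible outcomes, and "secure information flow" becomes a check that the low-observable part of that set does not vary with the initial h. The Python below is an added example, my own code rather than anything from the paper; the state space, the six toy programs, the NONTERM marker that makes divergence observable, and the havoc-based reformulation are all assumptions made here for illustration. It shows the three points the abstract makes: the semantic check accepts `l := h; l := 0` (which a syntactic type system rejects), it handles nondeterministic programs with no extra machinery, and it catches a leak carried only by whether the program terminates.

```python
"""Semantic secure-information-flow check over a tiny finite state space.

Hypothetical setup (not the paper's code): a state is a pair (h, l) of one
high and one low variable, each ranging over DOMAIN.  A program maps an
initial state to the frozenset of its possible outcomes: final states
(several, if the program is nondeterministic) or NONTERM for a diverging run.
"""
from itertools import product
from typing import Callable, FrozenSet, Tuple, Union

DOMAIN = (0, 1, 2)          # constructed value domain for h and l
NONTERM = "nonterm"         # outcome marker for a non-terminating run
State = Tuple[int, int]     # (h, l)
Outcome = Union[State, str]
Program = Callable[[State], FrozenSet[Outcome]]


# --- toy programs, written directly as their semantics -----------------------
def assign_l_from_h(s: State) -> FrozenSet[Outcome]:   # l := h  (direct flow)
    h, l = s
    return frozenset({(h, h)})

def implicit_flow(s: State) -> FrozenSet[Outcome]:     # if h != 0 then l := 1 else l := 0
    h, l = s
    return frozenset({(h, 1 if h != 0 else 0)})

def overwrite(s: State) -> FrozenSet[Outcome]:         # l := h; l := 0  (semantically secure)
    h, l = s
    return frozenset({(h, 0)})

def termination_leak(s: State) -> FrozenSet[Outcome]:  # while h != 0 do skip
    h, l = s
    return frozenset({(h, l)}) if h == 0 else frozenset({NONTERM})

def nondet_secure(s: State) -> FrozenSet[Outcome]:     # l := 0 [] l := 1
    h, l = s
    return frozenset({(h, 0), (h, 1)})

def nondet_leak(s: State) -> FrozenSet[Outcome]:       # l := h [] l := 0
    h, l = s
    return frozenset({(h, h), (h, 0)})

ALL_PROGRAMS = [assign_l_from_h, implicit_flow, overwrite,
                termination_leak, nondet_secure, nondet_leak]


# --- the semantic criterion ---------------------------------------------------
def low_view(outcomes: FrozenSet[Outcome]) -> FrozenSet[object]:
    """What a low observer can see: the final low values, plus whether a run
    may fail to terminate."""
    return frozenset(NONTERM if o == NONTERM else o[1] for o in outcomes)

def is_secure(prog: Program, termination_sensitive: bool = True) -> bool:
    """True iff, for each initial l, the low view is the same for every
    initial h.  With termination_sensitive=False divergence is ignored, which
    is the weaker criterion most syntactic analyses actually enforce."""
    for l in DOMAIN:
        views = set()
        for h in DOMAIN:
            v = low_view(prog((h, l)))
            if not termination_sensitive:
                v = v - {NONTERM}
                if not v:
                    continue            # no terminating run: nothing observed
            views.add(v)
        if len(views) > 1:
            return False
    return True


# --- an equivalent formulation via "havoc h" ---------------------------------
def havoc_h(s: State) -> FrozenSet[Outcome]:
    """Nondeterministically assign h any value in DOMAIN, leaving l alone."""
    h, l = s
    return frozenset((h2, l) for h2 in DOMAIN)

def seq(p: Program, q: Program) -> Program:
    """Sequential composition; divergence in p propagates."""
    def composed(s: State) -> FrozenSet[Outcome]:
        out = set()
        for o in p(s):
            if o == NONTERM:
                out.add(NONTERM)
            else:
                out |= q(o)
        return frozenset(out)
    return composed

def is_secure_havoc(prog: Program) -> bool:
    """Scrambling h before and after prog must be indistinguishable from
    scrambling it only after: then nothing about the initial h survives."""
    lhs = seq(seq(havoc_h, prog), havoc_h)
    rhs = seq(prog, havoc_h)
    return all(lhs(s) == rhs(s) for s in product(DOMAIN, DOMAIN))


if __name__ == "__main__":
    for p in ALL_PROGRAMS:
        print(f"{p.__name__:18s} secure={is_secure(p)!s:5s} "
              f"termination-insensitive={is_secure(p, False)!s:5s} "
              f"havoc={is_secure_havoc(p)}")
```

Two things to read off the output: `overwrite` is accepted by the semantic check although its text contains an assignment from h to l, and `termination_leak` is rejected only when divergence counts as an observation, which is exactly the indirect channel the abstract refers to. The havoc formulation and the direct comparison of low views agree on every program, as the test asserts.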
© 1998 Springer-Verlag Berlin Heidelberg
Cite this paper
Leino, K.R.M., Joshi, R. (1998). A semantic approach to secure information flow. In: Jeuring, J. (ed.) Mathematics of Program Construction. MPC 1998. Lecture Notes in Computer Science, vol 1422. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0054294
DOI: https://doi.org/10.1007/BFb0054294
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64591-7
Online ISBN: 978-3-540-69345-1
eBook Packages: Springer Book Archive