Abstract Non-Interference-Reference-Cited by-同舟云学术

Abstract Non-Interference

Published:2018-05-31 Issue:2 Volume:21 Page:1-31
ISSN:2471-2566
Container-title:ACM Transactions on Privacy and Security
language:en
Short-container-title:ACM Trans. Priv. Secur.

Author:

Giacobazzi Roberto¹,Mastroeni Isabella²^ORCID

Affiliation:

1. University of Verona 8 IMDEA SW Institute

2. University of Verona, Italy

Abstract

Non-interference happens when some elements of a dynamic system do not interfere, i.e., do not affect, other elements in the same system. Originally introduced in language-based security, non-interference means that the manipulation of private information has no effect on public observations of data. In this article, we introduce abstract non-interference as a weakening of non-interference by abstract interpretation. Abstract non-interference is parametric on which private information we want to protect and which are the observational capabilities of the external observer, i.e., what the attacker can observe of a computation and of the data manipulated during the computation. This allows us to model a variety of situations in information-flow security, where the security of a system can be mastered by controlling the degree of precision of the strongest harmless attacker and the properties that are potentially leaked in case of successful attack.

Publisher

Association for Computing Machinery (ACM)

Subject

Safety, Risk, Reliability and Quality,General Computer Science

Link

https://dl.acm.org/doi/pdf/10.1145/3175660

Reference53 articles.

1. Open Web Application Security Project (OWASP). 2016. Retrieved November 13 2016 from https://www.owasp.org. Open Web Application Security Project (OWASP). 2016. Retrieved November 13 2016 from https://www.owasp.org.

2. Learning is Change in Knowledge: Knowledge-Based Security for Dynamic Policies

3. A. Askarov and A. C. Myers. 2011. Attacker control and impact for confidentiality and integrity. Logical Methods in Computer Science 7 3 (2011). A. Askarov and A. C. Myers. 2011. Attacker control and impact for confidentiality and integrity. Logical Methods in Computer Science 7 3 (2011).

4. Gradual Release: Unifying Declassification, Encryption and Key Release Policies

5. Localized delimited release

Cited by 17 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Reconciling Shannon and Scott with a Lattice of Computable Information;Proceedings of the ACM on Programming Languages;2023-01-09

2. Domain Precision in Galois Connection-Less Abstract Interpretation;Static Analysis;2023

3. How Fitting is Your Abstract Domain?;Static Analysis;2023

4. Branching Bisimulation Semantics Enables Noninterference Analysis of Reversible Systems;Formal Techniques for Distributed Objects, Components, and Systems;2023

5. Verifying opacity by abstract interpretation;Proceedings of the 37th ACM/SIGAPP Symposium on Applied Computing;2022-04-25