Affiliation:
1. IMDEA Software
2. Inria Sophia Antipolis and MSR-INRIA
3. Chalmers University of Technology
Abstract
End-to-End security of mobile code requires that the code neither intentionally nor accidentally propagates sensitive information to an adversary. Although mobile code is commonly multithreaded low-level code, there lack enforcement mechanisms that ensure information security for such programs. The modularity is three-fold: we give modular extensions of sequential semantics, sequential security typing, and sequential security-type preserving compilation that allow us enforcing security for multithreaded programs. Thanks to the modularity, there are no more restrictions on multithreaded source programs than on sequential ones, and yet we guarantee that their compilations are provably secure for a wide class of schedulers.
Funder
Sixth Framework Programme
Seventh Framework Programme
Publisher
Association for Computing Machinery (ACM)
Subject
Safety, Risk, Reliability and Quality,General Computer Science
Reference49 articles.
1. Transforming out timing leaks
2. Stack-based access control and secure information flow
3. Barnes J. and Barnes J. 2003. High Integrity Software: The SPARK Approach to Safety and Security. Addison-Wesley Longman Boston. Barnes J. and Barnes J. 2003. High Integrity Software: The SPARK Approach to Safety and Security. Addison-Wesley Longman Boston.
Cited by
13 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献