Affiliation:
1. Chalmers University of Technology, Sweden
2. MPI-SWS, Germany
3. University of California at San Diego, USA
Abstract
We show that fine-grained and coarse-grained dynamic information-flow control (IFC) systems are equally expressive. To this end, we mechanize two mostly standard languages, one with a fine-grained dynamic IFC system and the other with a coarse-grained dynamic IFC system, and prove a semantics-preserving translation from each language to the other. In addition, we derive the standard security property of non-interference of each language from that of the other, via our verified translation. This result addresses a longstanding open problem in IFC: whether coarse-grained dynamic IFC techniques are less expressive than fine-grained dynamic IFC techniques (they are not!). The translations also stand to have important implications for the usability of IFC approaches. The coarse- to fine-grained direction can be used to remove the label annotation burden that fine-grained systems impose on developers, while the fine- to coarse-grained translation shows that coarse-grained systems (which are easier to design and implement) can track information as precisely as fine-grained systems, and it provides an algorithm for automatically retrofitting legacy applications to run on existing coarse-grained systems.
Funder
Deutsche Forschungsgemeinschaft
Stiftelsen för Strategisk Forskning
Publisher
Association for Computing Machinery (ACM)
Subject
Safety, Risk, Reliability and Quality; Software
Cited by
10 articles.
1. Information Flow Tracking for Heterogeneous Compartmentalized Software;Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses;2023-10-16
2. Immutability and Encapsulation for Sound OO Information Flow Control;ACM Transactions on Programming Languages and Systems;2023-03-03
3. From Fine- to Coarse-Grained Dynamic Information Flow Control and Back;Foundations and Trends® in Programming Languages;2023
4. A Multilevel Non-interference Vulnerability Analysis Method for Information Leakage Problem;2021 IEEE Sixth International Conference on Data Science in Cyberspace (DSC);2021-10
5. Gradual Security Types and Gradual Guarantees;2021 IEEE 34th Computer Security Foundations Symposium (CSF);2021-06