An Axiomatic Approach to Information Flow in Programs

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

An Axiomatic Approach to Information Flow in Programs

Full text

Pdf (1.20 MB)

Source

ACM Transactions on Programming Languages and Systems (TOPLAS) archive
Volume 2 , Issue 1 (January 1980) table of contents

Pages: 56 - 76

Year of Publication: 1980

ISSN:0164-0925

Authors

Gregory R. Andrews	Department of Computer Science, University of Arizona, Tucson, AZ
Richard P. Reitman	School of Computer and Information Science, 313 Link Hall, Syracuse University, Syracuse, NY

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 11, Downloads (12 Months): 68, Citation Count: 33

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/357084.357088 What is a DOI?

ABSTRACT

A new approach to information flow in sequential and parallel programs is presented. Flow proof rules that capture the information flow semantics of a variety of statements are given and used to construct program flow proofs. The method is illustrated by examples. The applications of flow proofs to certifying information flow policies and to solving the confinement problem are considered. It is also shown that flow rules and correctness rules can be combined to form an even more powerful proof system.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	BRINCH HANSEN, P. The programming language Concurrent Pascal. IEEE Trans. Sofiw. Eng. SE-1, 2 (June 1975), 199-207.
	2	Ellis Choen, Information transmission in computational systems, Proceedings of the sixth ACM symposium on Operating systems principles, p.133-139, November 16-18, 1977, West Lafayette, Indiana, United States
	3	Dorothy E. Denning, A lattice model of secure information flow, Communications of the ACM, v.19 n.5, p.236-243, May 1976 [doi>10.1145/360051.360056]
	4	Dorothy E. Denning , Peter J. Denning, Certification of programs for secure information flow, Communications of the ACM, v.20 n.7, p.504-513, July 1977 [doi>10.1145/359636.359712]
	5	DIZKSTRA, E.W. Cooperating sequential processes. In Programming Languages (F. Genuys, Ed.), Academic Press, New York, 1968.
	6	FENTON, J.S. Memoryless subsystems. Comput. J. 17, 2 (May 1974), 143-147.
	7	GAT, I. Security aspects of computer systems. Ph.D. Thesis, Technion--Israel inst. of Technology, June 1976.
	8	C. A. R. Hoare, An axiomatic basis for computer programming, Communications of the ACM, v.12 n.10, p.576-580, Oct. 1969 [doi>10.1145/363235.363259]
	9	C. A. R. Hoare, Monitors: an operating system structuring concept, Communications of the ACM, v.17 n.10, p.549-557, Oct. 1974 [doi>10.1145/355620.361161]
	10	Anita K. Jones , Richard J. Lipton, The enforcement of security policies for computation, Proceedings of the fifth ACM symposium on Operating systems principles, p.197-206, November 19-21, 1975, Austin, Texas, United States
	11	Butler W. Lampson, A note on the confinement problem, Communications of the ACM, v.16 n.10, p.613-615, Oct. 1973 [doi>10.1145/362375.362389]
	12	Steven B. Lipner, A comment on the confinement problem, Proceedings of the fifth ACM symposium on Operating systems principles, p.192-196, November 19-21, 1975, Austin, Texas, United States
	13	Thomas Bennet London, The semantics of information flow., 1977
	14	MCGRAW, J.R., ANO ANOREWS, G.R. Access control in parallel programs. IEEE Trans. Softw. Eng. SE-5, 1 (Jan. 1979), 1-9.
	15	Jonathan K. Millen, Security Kernel validation in practice, Communications of the ACM, v.19 n.5, p.243-250, May 1976 [doi>10.1145/360051.360059]
	16	Charles G. Moore, III, Potential Capabilities in Algol-Like Programs, Cornell University, Ithaca, NY, 1974
	17	NF-UMANN, P.G., ET AL. A provably secure operating system: The system, its applications, and proofs. Final Rep., SRi Proj. 4332, SRI International, Menlo Park, Calif., Feb. 1977.
	18	OWICKI, S., AND GRIES, D. An axiomatic proof technique for parallel programs. Acta Inf. 6 (1976), 319-340.
	19	Gerald J. Popek , David A. Farber, A model for verification of data security in operating systems, Communications of the ACM, v.21 n.9, p.737-749, Sept. 1978 [doi>10.1145/359588.359597]
	20	David P. Reed , Rajendra K. Kanodia, Synchronization with eventcounts and sequencers, Communications of the ACM, v.22 n.2, p.115-123, Feb. 1979 [doi>10.1145/359060.359076]
	21	Richard Philip Reitman, Information flow in parallel programs: an axiomatic approach., 1978
	22	Richard P. Reitman , Gregory R. Andrews, Certifying information flow properties of programs: an axiomatic approach, Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages, p.283-290, January 29-31, 1979, San Antonio, Texas [doi>10.1145/567752.567779]
	23	WEISSMAN, C. Security controls in the Adept-50 time-sharing system. AFIPS 1969 FJCC, Vol. 35, AFIPS Press, Arlington, Va., pp. 119-133.

CITED BY 33

	M. Moriconi, A practical approach to semantic configuration management, ACM SIGSOFT Software Engineering Notes, v.14 n.8, p.103-113, Dec. 1989
	R. Barbuti , C. Bernardeschi , N. De Francesco, Abstract interpretation of operational semantics for secure information flow, Information Processing Letters, v.83 n.2, p.101-108, 31 July 2002
	Richard P. Reitman, A mechanism for information control in parallel systems, Proceedings of the seventh ACM symposium on Operating systems principles, p.55-63, December 10-12, 1979, Pacific Grove, California, United States
	Gregory R. Andrews, Parallel programs: proofs, principles, and practice, Communications of the ACM, v.24 n.3, p.140-145, March 1981
	Carl E. Landwehr, Formal Models for Computer Security, ACM Computing Surveys (CSUR), v.13 n.3, p.247-278, Sept. 1981
	Maureen Harris Cheheyl , Morrie Gasser , George A. Huff , Jonathan K. Millen, Verifying Security, ACM Computing Surveys (CSUR), v.13 n.3, p.279-339, Sept. 1981
	Jean-Francois Bergeretti , Bernard A. Carré, Information-flow and data-flow analysis of while-programs, ACM Transactions on Programming Languages and Systems (TOPLAS), v.7 n.1, p.37-61, Jan. 1985
	Andrew C. Myers , Barbara Liskov, A decentralized model for information flow control, ACM SIGOPS Operating Systems Review, v.31 n.5, p.129-142, Dec. 1997
	Nevin Heintze , Jon G. Riecke, The SLam calculus: programming with secrecy and integrity, Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.365-377, January 19-21, 1998, San Diego, California, United States
	Matthew Hennessy , James Riely, Information flow vs. resource access in the asynchronous pi-calculus, ACM Transactions on Programming Languages and Systems (TOPLAS), v.24 n.5, p.566-591, September 2002
	Andrew C. Myers, JFlow: practical mostly-static information flow control, Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.228-241, January 20-22, 1999, San Antonio, Texas, United States
	Elisa Bertino , Sabrina De Capitani Di Vimercati , Elena Ferrari , Pierangela Samarati, Exception-based information flow control in object-oriented systems, ACM Transactions on Information and System Security (TISSEC), v.1 n.1, p.26-65, Nov. 1998
	François Pottier , Sylvain Conchon, Information flow inference for free, ACM SIGPLAN Notices, v.35 n.9, p.46-57, Sept. 2000
	John Hale , Mauricio Papa , Sujeet Shenoi, Programmable access control, Journal of Computer Security, v.11 n.3, p.331-351, 1 March 2003
	Marco Avvenuti , Cinzia Bernardeschi , Nicoletta De Francesco, Java bytecode verification for secure information flow, ACM SIGPLAN Notices, v.38 n.12, December 2003
	Andrew C. Myers , Barbara Liskov, Protecting privacy using the decentralized label model, ACM Transactions on Software Engineering and Methodology (TOSEM), v.9 n.4, p.410-442, Oct. 2000
	Chii-Ren Tsai , Virgil D. Gligor , C. S. Shandersekaran, On the Identification of Covert Storage Channels in Secure Systems, IEEE Transactions on Software Engineering, v.16 n.6, p.569-580, June 1990
	Wen-Pai Lu , Malur K. Sundareshan, A Model for Multilevel Security in Computer Networks, IEEE Transactions on Software Engineering, v.16 n.6, p.647-659, June 1990
	Yao-Wen Huang , Fang Yu , Christian Hang , Chung-Hung Tsai , Der-Tsai Lee , Sy-Yen Kuo, Securing web application code by static analysis and runtime protection, Proceedings of the 13th international conference on World Wide Web, May 17-20, 2004, New York, NY, USA
	Alessandro Aldini , Mario Bravetti , Roberto Gorrieri, A process-algebraic approach for the analysis of probabilistic noninterference, Journal of Computer Security, v.12 n.2, p.191-245, May 2004
	Roberto Barbuti , Cinzia Bernardeschi , Nicoletta De Francesco, Checking security of Java bytecode by abstract interpretation, Proceedings of the 2002 ACM symposium on Applied computing, March 11-14, 2002, Madrid, Spain
	Nicoletta De Francesco , Antonella Santone , Luca Tesei, Abstract interpretation and model checking for checking secure information flow in concurrent systems, Fundamenta Informaticae, v.54 n.2-3, p.195-211, February 2003
	Sebastian Hunt , David Sands, On flow-sensitive security types, ACM SIGPLAN Notices, v.41 n.1, p.79-90, January 2006
	M. Moriconi , T. C. Winkler, Approximate Reasoning About the Semantic Effects of Program Changes, IEEE Transactions on Software Engineering, v.16 n.9, p.980-992, September 1990
	Kyung Goo Doh , Seung Cheol Shin, Detection of information leak by data flow analysis, ACM SIGPLAN Notices, v.37 n.8, August 2002
	C. Bernardeschi , N. De Francesco , G. Lettieri , L. Martini, Checking secure information flow in java bytecode by code transformation and standard bytecode verification, Software—Practice & Experience, v.34 n.13, p.1225-1255, 10 November 2004
	Peeter Laud , Tarmo Uustalu , Varmo Vene, Type systems equivalent to data-flow analyses for imperative languages, Theoretical Computer Science, v.364 n.3, p.292-310, 8 November 2006
	Torben Amtoft , Anindya Banerjee, A logic for information flow analysis with an application to forward slicing of simple imperative programs, Science of Computer Programming, v.64 n.1, p.3-28, January, 2007
	Nicoletta De Francesco , Luca Martini, Instruction-level security analysis for information flow in stack-based assembly languages, Information and Computation, v.205 n.9, p.1334-1370, September, 2007
	Cinzia Bernardeschi , Nicoletta De Francesco , Giuseppe Lettieri, Concrete and Abstract Semantics to Check Secure Information Flow in Concurrent Programs, Fundamenta Informaticae, v.60 n.1-4, p.81-98, January 2004
	Andrei Sabelfeld , David Sands, A Per Model of Secure Information Flow in Sequential Programs, Higher-Order and Symbolic Computation, v.14 n.1, p.59-91, March 2001
	Reiner Hähnle , Jing Pan , Philipp Rümmer , Dennis Walter, Integration of a security type system into a program logic, Theoretical Computer Science, v.402 n.2-3, p.172-189, August, 2008
	Yin Liu , Ana Milanova, Static analysis for inference of explicit information flow, Proceedings of the 8th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering, November 09-10, 2008, Atlanta, Georgia