Adjoining declassification and attack models by abstract interpretation

Lecture Notes in Computer Science

Volumn 3444, Issue , 2005, Pages 295-310

  Giacobazzi, Roberte ^a   Mastroeni, Isabella ^a  

^a UNIVERSITY OF VERONA   (Italy)

Author keywords

Abstract interpretation; Abstract non interference; Adjunction; Attack models; Completeness; Declassification; Language based security

Indexed keywords

COMPUTER PROGRAMMING; COMPUTER PROGRAMMING LANGUAGES; MATHEMATICAL MODELS; SEMANTICS;

ABSTRACT INTERPRETATION THEORY; ATTACK MODELS; DECLASSIFICATION; LANGUAGE-BASED SECURITY;

SECURITY OF DATA;

EID: 24644453685     PISSN: 03029743     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1007/978-3-540-31987-0_21     Document Type: Conference Paper

References (32)

1. D. E. Bell and L. J. LaPadula. Secure computer systems: Mathematical foundations and model. Technical Report M74-244, MITRE Corp. Badford, MA, 1973.
2. T.S. Blyth and M.F. Janowitz. Residuation theory. Pergamon Press, 1972.
3. C. Bodei, P. Degano, F. Nielson, and H.R. Nielson. Static analysis for secrecy and non-interference in networks of processes. In Proc. of PaCT'01, volume 2127 of Lecture Notes in Computer Science, pages 27-41. Springer-Verlag, 2001.
4. D. Clark, C. Hankin, and S. Hunt. Information flow for algol-like languages. Computer Languages, 28(1):3-28, 2002.
5. D. Clark, S. Hunt, and P. Malacaria. Quantitative analysis of the leakage of confidential data. In Workshop on Quantitative Aspects of Programming Laquages (QAPL '01), volume 59 of Electronic Notes in Theoretical Computer Science. Elsevier, Amsterdam, 2001.
6. E. S. Cohen. Information transmission in computational systems. ACM SIGOPS Operating System Review, 11(5):133-139, 1977.
7. P. Cousot and R. Cousot. Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Proc. of Conf. Record of the 4th ACM Symp. on Principles of Programming Languages (POPL '77), pages 238-252. ACM Press, New York, 1977.
8. P. Cousot and R. Cousot. Systematic design of program analysis frameworks. In Proc. of Conf. Record of the 6th ACM Symp. on Principles of Programming Languages (POPL '79), pages 269-282. ACM Press, New York, 1979.
9. D. E. Denning. A lattice model of secure information flow. Communications of the ACM, 19(5):236-242, 1976.
10. D. E. Denning and P. Denning. Certification of programs for secure information flow. Communications of the ACM, 20(7):504-513, 1977.
11. G. Filé, R. Giacobazzi, and F. Ranzato. A unifying view of abstract domain design. ACM Comput. Surv., 28(2):333-336, 1996.
12. R. Focardi and R. Gorrieri. A classification of security properties for process algebras. Journal of Computer security, 3(1):5-33, 1995.
13. R. Giacobazzi and I. Mastroeni. Abstract non-interference: Parameterizing non-interference by abstract interpretation. In Proc. of the 31st Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL '04), pages 186-197. ACM-Press, NY, 2004.
14. R. Giacobazzi and I. Mastroeni. Proving abstract non-interference. In Annual Conference of the European Association for Computer Science Logic (CSL'04), volume 3210, pages 280-294. Springer-Verlag, 2004.
15. R. Giacobazzi and E. Quintarelli. Incompleteness, counterexamples and refinements in abstract model-checking. In P. Cousot, editor, Proc. of The 8th Internat. Static Analysis Symp. (SAS'01), volume 2126 of Lecture Notes in Computer Science, pages 356-373. Springer-Ver lag, 2001.
16. R. Giacobazzi and P. Ranzato. Refining and compressing abstract domains. In P. Degano, R. Gorrieri, and A. Marchetti-Spaccamela, editors, Proc. of the 24th Internat. Colloq. on Automata, Languages and Programming (ICALP '97), volume 1256 of Lecture Notes in Computer Science, pages 771-781. Springer-Verlag, Berlin, 1997.
17. R. Giacobazzi, F. Ranzato, and F. Scozzari. Making abstract interpretations complete. J. of the ACM., 47(2):361-416, 2000.
18. J. A. Goguen and J. Meseguer. Security policies and security models. In Proc. IEEE Symp. on Security and Privacy, pages 11-20. IEEE Computer Society Press, 1982.
19. R. Joshi and K. R. M. Leino. A semantic approach to secure information flow. Science of Computer Programming, 37:113-138, 2000.
20. P. Laud. Semantics and program analysis of computationally secure information flow. In Programming Languages and Systems, 10th European Symp. On Programming, ESOP, volume 2028 of Lecture Notes in Computer Science, pages 77-91. Springer-Verlag, 2001.
21. P. Li and S. Zdancewic. Downgrading policies and relaxed noninterference. In Proc. of the 32st Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL '05). ACM-Press, NY, 2005. To appear.
22. H. Mantel. Possibilistic definitions of security - an assemply kit -. In Proc. of the IEEE Computer Security Foundations Workshop, pages 185-199. IEEE Computer Society Press, 2000.
23. J. McLean. Proving noninterference and functional correcteness using traces. Journal of Computer security, 1(1):37-58, 1992.
24. F. Ranzato and F. Tapparo. Strong preservation as completeness in abstract interpretation. In D. Schmidt, editor, Proc. of the 13th European Symposium on Programming (ESOP'04), volume 2986 of Lecture Notes in Computer Science, pages 18-32. Springer-Verlag, 2004.
25. P. Ryan. Mathematical models of computer security - tutorial lectures. In R. Focardi and R. Gorrieri, editors, Foundations of Security Analysis and Design, volume 2171 of Lecture Notes in Computer Science, pages 1-62. Springer-Verlag, 2001.
26. A. Sabelfeld and A. C. Myers. A model for delimited information release. In Proc. of the International Symp. on Software Security (ISSS'03), Lecture Notes in Computer Science. Springer-Verlag, 2004.
27. A. Sabelfeld and A.C. Myers. Language-based information-flow security. IEEE J. on selected ares in communications, 21(1):5-19, 2003.
28. A. Sabelfeld and D. Sands. A PER model of secure information flow in sequential programs. Higher-Order and Symbolic Computation, 14(1):59-91, 2001.
29. C. Skalka and S. Smith. Static enforcement of security with types. In ICFP'00, pages 254-267. ACM Press, New York, 2000.
30. D. Volpano. Safety versus secrecy. In Proc. of the 6th Static Analysis Symp. (SAS'99), volume 1694 of Lecture Notes in Computer Science, pages 303-311. Springer-Verlag, 1999.
31. D. Volpano, G. Smith, and C. Irvine. A sound type system for secure flow analysis. Journal of Computer Security, 4(2,3): 167-187, 1996.
32. S. Zdancewic and A. C. Myers. Robust declassification. In Proc. of the IEEE Computer Security Foundations Workshop, pages 15-23. IEEE Computer Society Press, 2001.