A logic for information flow analysis with an application to forward slicing of simple imperative programs

Science of Computer Programming

Volumn 64, Issue 1 SPEC. ISS., 2007, Pages 3-28

  Amtoft, Torben ^a   Banerjee, Anindya ^a  

^a 129 Seaton Hall   (United States)

Author keywords

Abstract interpretation; Denotational semantics; Frame rule; Hoare logic; Information flow analysis; Program slicing; Strongest postcondition

Indexed keywords

ABSTRACTING; COMPUTER PROGRAMMING LANGUAGES; SECURITY OF DATA; SEMANTICS; THEOREM PROVING;

ABSTRACT INTERPRETATION; DENOTATIONAL SEMANTICS; FRAME RULE; HOARE LOGIC; INFORMATION FLOW ANALYSIS; PROGRAM SLICING; STRONGEST POSTCONDITION;

FORMAL LOGIC;

EID: 33751073715     PISSN: 01676423     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.scico.2006.03.002     Document Type: Article

References (34)

1. M. Abadi, A. Banerjee, N. Heintze, J.G. Riecke, A core calculus of dependency, in: ACM Symposium on Principles of Programming Languages, POPL, 1999, pp. 147-160
2. T. Amtoft, S. Bandhakavi, A. Banerjee, A logic for information flow in object-oriented programs, in: ACM Symposium on Principles of Programming Languages, POPL, 2006, pp. 91-102
3. T. Amtoft, A. Banerjee, Information flow analysis in logical form, Tech. Rep. CIS TR 2004-3, Kansas State University, April 2004. URL: http://www.cis.ksu.edu/~ab/Publications/ifalftr.pdf
4. Amtoft T., and Banerjee A. Information flow analysis in logical form. Static Analysis Symposium. SAS. Lecture Notes in Computer Science vol. 3148 (2004), Springer-Verlag 100-115
5. Andrews G.R., and Reitman R.P. An axiomatic approach to information flow in programs. ACM Transactions on Programming Languages and Systems 2 1 (1980) 56-75
6. Banerjee A., and Naumann D.A. Stack-based access control and secure information flow. Language-based Security. Journal of Functional Programming 15 2 (2005) 131-177 (special issue)
7. Barthe G., D'Argenio P.R., and Rezk T. Secure information flow by self-composition. IEEE Computer Security Foundations Workshop. CSFW (2004), IEEE Computer Society Press 100-114
8. D. Bell, L. LaPadula, Secure computer systems: Mathematical foundations, Tech. Rep. MTR-2547, MITRE Corp., 1973
9. Clark D., Hankin C., and Hunt S. Information flow for Algol-like languages. Computer Languages 28 1 (2002) 3-28
10. Cohen E.S. Information transmission in sequential programs. In: DeMillo R.A., Dobkin D.P., Jones A.K., and Lipton R.J. (Eds). Foundations of Secure Computation (1978), Academic Press 297-335
11. Cousot P., and Cousot R. Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. ACM Symposium on Principles of Programming Languages. POPL (1977), ACM Press, New York, NY 238-252
12. Cousot P., and Cousot R. Automatic synthesis of optimal invariant assertions: mathematical foundations. Proceedings of the ACM Symposium on Artificial Intelligence and Programming Languages. SIGPLAN Notices vol. 12 (1977), ACM Press 1-12
13. Á. Darvas, R. Hähnle, D. Sands, A theorem proving approach to analysis of secure information flow, Tech. Rep. 2004-01, Department of Computing Science, Chalmers University of Technology and Göteborg University, 2004, a fuller version of a paper appearing in Workshop on Issues in the Theory of Security, 2003
14. Denning D., and Denning P. Certification of programs for secure information flow. Communications of the ACM 20 7 (1977) 504-513
15. R. Giacobazzi, I. Mastroeni, Abstract non-interference: Parameterizing non-interference by abstract interpretation, in: ACM Symposium on Principles of Programming Languages, POPL, 2004, pp. 186-197
16. J. Goguen, J. Meseguer, Security policies and security models, in: Proc. IEEE Symp. on Security and Privacy, 1982, pp. 11-20
17. N. Heintze, J.G. Riecke, The SLam calculus: Programming with secrecy and integrity, in: ACM Symposium on Principles of Programming Languages, POPL, 1998, pp. 365-377
18. Hunt S., and Sands D. Binding time analysis: A new PERspective. Partial Evaluation and Semantics-Based Program Manipulation. PEPM. SIGPLAN Notices 26 9 (1991) 154-165
19. Hunt S., and Sands D. On flow-sensitive security types. ACM Symposium on Principles of Programming Languages, POPL (2006), ACM Press 79-90
20. S. Ishtiaq, P.W. O'Hearn, BI as an assertion language for mutable data structures, in: ACM Symposium on Principles of Programming Languages, POPL, 2001, pp. 14-26
21. Joshi R., and Leino K.R.M. A semantic approach to secure information flow. Science of Computer Programming 37 (2000) 113-138
22. D. McCullough, Specifications for multi-level security and a hook-up, in: IEEE Symposium on Security and Privacy, 1987, pp. 161-166
23. Nielson F., Nielson H.R., and Hankin C. Principles of Program Analysis (1999), Springer-Verlag. Web page at: www.imm.dtu.dk/~riis/PPA/ppa.html
24. O'Hearn P., Reynolds J., and Yang H. Local reasoning about programs that alter data structures. Computer Science Logic. Lecture Notes in Computer Science vol. 2142 (2001), Springer-Verlag 1-19
25. P. O'Hearn, H. Yang, J. Reynolds, Separation and information hiding, in: ACM Symposium on Principles of Programming Languages, POPL, 2004, pp. 268-280
26. Ørbæk P., and Palsberg J. Trust in the λ-calculus. Journal of Functional Programming 7 6 (1997) 557-591
27. Pottier F., and Simonet V. Information flow inference for ML. ACM Transactions on Programming Languages and Systems 25 1 (2003) 117-158
28. Reynolds J.C. Separation logic: A logic for shared mutable data structures. IEEE Symposium on Logic in Computer Science. LICS (2002), IEEE Computer Society Press 55-74
29. Sabelfeld A., and Myers A. A model for delimited information release. Proceedings of the International Symposium on Software Security. ISSS. Lecture Notes in Computer Science vol. 3233 (2004), Springer-Verlag 174-191
30. Sabelfeld A., and Myers A.C. Language-based information-flow security. IEEE Journal of Selected Areas in Communications 21 1 (2003) 5-19
31. Sabelfeld A., and Sands D. A Per model of secure information flow in sequential programs. Higher-order and Symbolic Computation 14 1 (2001) 59-91
32. Schmidt D.A. Structure-preserving binary relations for program abstraction. The Essence of Computation: Complexity, Analysis, Transformation - Essays dedicated to Neil D. Jones. Lecture Notes in Computer Science no. 2566 (2002), Springer-Verlag 245-265
33. Volpano D., Irvine C., and Smith G. A sound type system for secure flow analysis. Journal of Computer Security 4 3 (1996) 167-188
34. Volpano D., and Smith G. A type-based approach to program security. Proceedings of Theory and Practice of Software Development. TAPSOFT'97. Lecture Notes in Computer Science no. 1214 (1997), Springer-Verlag 607-621