A library for light-weight information-flow security in Haskell

Haskell'08 - Proceedings of the ACM SIGPLAN 2008 Haskell Symposium

Volumn , Issue , 2008, Pages 13-24

  Russo, Alejandro ^a   Ciaessen, Koen ^a   Hughes, John ^a  

^a CHALMERS UNIVERSITY OF TECHNOLOGY   (Sweden)

Author keywords

Declassification; Information flow; Library; Monad

Indexed keywords

LIGHT WEIGHT STRUCTURES; QUERY LANGUAGES;

COMBINATORS; COMPUTING SYSTEMS; DECLASSIFICATION; HASKELL; HASKELL PROGRAMS; INFORMATION-FLOW; LIGHT WEIGHTS; MONAD; SIDE-EFFECTS;

LINGUISTICS;

EID: 63149101516     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1411286.1411289     Document Type: Conference Paper

References (39)

1. M. Abadi, A. Banerjee, N. Heintze, and J. Riecke. A core calculus of dependency. In Proc. ACM Symp. on Principles of Programming Languages, pages 147-160, January 1999.
2. A. Askarov and A. Sabelfeld. Localized delimited release: combining the what and where dimensions of information release. In PLAS '07: Proceedings of the 2007 workshop on Programming languages and analysis for security, pages 53-60, New York, NY, USA, 2007. ACM.
3. N. Broberg and D. Sands. Flow locks: Towards a core calculus for dynamic flow policies. In Peter Sestoft, editor, Proc. European Symp. on Programming, volume 3924 of Lecture Notes in Computer Science, pages 180-196. Springer, 2006.
4. S. Chong and A. C. Myers. Security policies for downgrading. In ACM Conference on Computer and Communications Security, pages 198-209, October 2004.
5. D. Clark, S. Hunt, and P. Malacaria. Quantitative analysis of the leakage of confidential data. In QAPL'01, Proc. Quantitative Aspects of Programming Languages, volume 59 of ENTCS. Elsevier, 2002.
6. E. S. Cohen. Information transmission in sequential programs. In R. A. DeMillo, D. P. Dobkin, A. K. Jones, and R. J. Lipton, editors, Foundations of Secure Computation, pages 297-335. Academic Press, 1978.
7. K. Crary, A. Kliger, and F. Pfenning. A monadic analysis of information flow security with mutable state, 2003.
8. D. E. Denning. A lattice model of secure information flow. Comm. of the ACM, 19(5):236-243, May 1976.
9. D. E. Denning and P. J. Denning. Certification of programs for secure information flow. Comm. of the ACM, 20(7):504-513, July 1977.
10. J. A. Goguen and J. Meseguer. Security policies and security models. In Proc. IEEE Symp. on Security and Privacy, pages 11-20, April 1982.
11. G. Le Guernic, A. Banerjee, T. Jensen, and D. Schmidt. Automata-based confidentiality monitoring. In Proc. Annual Asian Computing Science Conference, volume 4435 of LNCS, pages 75-89. Springer-Verlag, December 2006.
12. W. L. Harrison and J. Hook. Achieving information flow security through precise control of effects. In CSFW '05: Proceedings of the 18th IEEE workshop on Computer Security Foundations, pages 16-30, Washington, DC, USA, 2005. IEEE Computer Society.
13. N. Heintze and J. G. Riecke. The SLam calculus: programming with secrecy and integrity. In Proc. ACM Symp. on Principles of Programming Languages, pages 365-377, January 1998.
14. J. Hughes. Generalising monads to arrows. Science of Computer Programming, 37(1-3):67-111, 2000.
15. M. H. Jackson. Linux shadow password howto. Available at http://tldp.org/HOWTO/Shadow-Password-HOWTO.html, 1996.
16. J. R. Lewis, J. Launchbury, E. Meijer, and M. B. Shields. Implicit parameters: dynamic scoping with static types. InPOPL '00: Proceedings of the 27th ACM SIGPLAN-SIGACT symposium onPrinciples of programming languages, pages 108-118, New York, NY, USA, 2000. ACM.
17. P. Li and S. Zdancewic. Encoding Information Flow in Haskell. In CSFW '06: Proceedings of the 19th IEEE Workshop on Computer Security Foundations. IEEE Computer Society, 2006.
18. P. Li and S. Zdancewic. Arrows for secure information flow. Available at http://www.seas.upenn.edu/~lipeng/homepage/lz06tcs.pdf, 2007.
19. Local Root Exploit. Linux kernel 2.6 local root exploit. Available at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=465246, February 2008.
20. H. Mantel and A. Reinhard. Controlling the what and where of declassification in language-based security. In Rocco De Nicola, editor, European Symposium on Programming (ESOP), volume 4421 of LNCS, pages 141-156. Springer, 2007. ISBN 978-3-540-71314-2.
21. A. C. Myers and B. Liskov. A decentralized model for information flow control. In Proc. ACM Symp. on Operating System Principles, pages 129-142, October 1997.
22. A. C. Myers and B. Liskov. Complete, safe information flow with decentralized labels. In Proc. IEEE Symp. on Security and Privacy, pages 186-197, May 1998.
23. A. C. Myers and B. Liskov. Protecting privacy using the decentralized label model. ACM Transactions on Software Engineering and Methodology, 9(4):410-442, 2000.
24. S. K. Nair, P. N.D. Simpson, B. Crispo, and A. S. Tanenbaum. A virtual machine based information flow control system for policy enforcement. The First International Workshop on Run Time Enforcement for Mobile and Distributed Systems (REM 2007), September 2007.
25. A. Narayanan and V. Shmatikov. Fast dictionary attacks on passwords using time-space tradeoff. In CCS '05: Proceedings of the 12th ACM conference on Computer and communications security, pages 364-372, New York, NY, USA, 2005. ACM.
26. B. C. Pierce. Advanced Topics In Types And Programming Languages. MIT Press, November 2004. ISBN 0262162288.
27. F. Pottier and V. Simonet. Information flow inference for ML. In Proc. ACM Symp. on Principles of Programming Languages, pages 319-330, January 2002.
28. A. Russo, K. Claessen, and J. Hughes. A library for light-weight information-flow security in Haskell. Software release and documentation. Available at http://www.es.chalmers.se/~msso/seclib.htm, 2008a.
29. A. Russo, K. Claessen, and J. Hughes. A library for light-weight information-flow security in Haskell. Technical Report. Chalmers University of Technology. To appear., October 2008b.
30. A. Sabelfeld and A. C. Myers. A model for delimited information release. In Proc. International Symp. on Software Security (ISSS'03), volume 3233 of LNCS, pages 174-191. Springer-Verlag, October 2004.
31. A. Sabelfeld and D. Sands. Dimensions and principles of declassification. In CSFW '05: Proceedings of the 18th IEEE Computer Security Foundations Workshop (CSFW'05), pages 255-269. IEEE Computer Society, 2005.
32. P. Shroff, S. Smith, and M. Thober. Dynamic dependency monitoring to secure information flow. Computer Security Foundations Symposium, 2007. CSF '07. 20th IEEE, pages 203-217, 2007.
33. V. Simonet. Flow caml in a nutshell. In Graham Hutton, editor, Proceedings ofthe first APPSEM-II workshop, pages 152-165, March 2003.
34. A. S. Tanenbaum. Modern Operating Systems. Prentice Hall PTR, Upper Saddle River, NJ, USA, 2001. ISBN 0130313580.
35. T. C. Tsai, A. Russo, and J. Hughes. A library for secure multi-threaded information flow in Haskell. In Proc. of the 20th IEEE Computer Security Foundations Symposium, July 2007.
36. S. Tse and S. Zdancewic. Translating dependency into parametricky. In ICFP '04: Proceedings of the ninth ACM SIGPLAN international conference on Functional programming, pages 115-125, New York, NY, USA, 2004. ACM.
37. D. Volpano and G. Smith. A type-based approach to program security. In Proc. TAPSOFT'97, volume 1214 of LNCS, pages 607-621. Springer-Verlag, April 1997.
38. D. Volpano, G. Smith, and C. Irvine. A sound type system for secure flow analysis. J. Computer Security, 4(3): 167-187, 1996.
39. P. Wadler. Monads for functional programming. In Marktoberdorf Summer School on Program Design Calculi, August 1992.