Flexible dynamic information flow control in Haskell

Haskell'11 - Proceedings of the 2011 ACM SIGPLAN Haskell Symposium

Volumn , Issue , 2011, Pages 95-106

  Stefan, Deian ^a   Russo, Alejandro ^b   Mitchell, John C ^a   Mazières, David ^a  

^a STANFORD UNIVERSITY   (United States)

^b CHALMERS UNIVERSITY OF TECHNOLOGY   (Sweden)

Author keywords

information flow control; library; monad

Indexed keywords

DISCRETIONARY ACCESS CONTROL; FLEXIBLE DYNAMICS; HASKELL; INFORMATION FLOW CONTROL; MONAD;

COMPUTER PROGRAMMING LANGUAGES; FLOW CONTROL; LIBRARIES; SEMANTICS;

ACCESS CONTROL;

EID: 82655162714     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2034675.2034688     Document Type: Conference Paper

References (40)

1. M. Abadi, A. Banerjee, N. Heintze, and J. Riecke. A Core Calculus of Dependency. In Proc. ACM Symp. on Principles of Programming Languages, pages 147-160, Jan. 1999.
2. A. Askarov, S. Hunt, A. Sabelfeld, and D. Sands. Terminationinsensitive noninterference leaks more than just a bit. In Proc. of the 13th European Symp. on Research in Computer Security, pages 333-348. Springer-Verlag, 2008.
3. R. Atkey. Parameterised notions of computation. In Workshop on mathematically structured functional programming, ed. Conor McBride and Tarmo Uustalu. Electronic Workshops in Computing, British Computer Society, pages 31-45, 2006.
4. A. Banerjee and D. Naumann. Stack-based access control and secure information flow. Journal of Functional Programming, 15(02):131-177, 2005.
5. D. E. Bell and L. L. Padula. Secure computer system: Unified exposition and multics interpretation. Technical Report MTR-2997, Rev. 1, MITRE Corp., Bedford, MA, March 1976.
6. K. J. Biba. Integrity considerations for secure computer systems. ESDTR-76-372, 1977.
7. T. chung Tsai, A. Russo, and J. Hughes. A library for secure multi-threaded information flow in Haskell, July 2007.
8. K. Crary, A. Kliger, and F. Pfenning. A monadic analysis of information flow security with mutable state. Journal of Functional Programming, 15:249-291, March 2005.
9. D. E. Denning. A lattice model of secure information flow. Communications of the ACM, 19(5):236-243, May 1976.
10. D. E. Denning and P. J. Denning. Certification of programs for secure information flow. Communications of the ACM, 20(7):504-513, 1977.
11. Trusted Computer System Evaluation Criteria (Orange Book). Department of Defense, DoD 5200.28-STD edition, December 1985.
12. D. Devriese and F. Piessens. Information flow enforcement in monadic libraries. In Proc. of the 7th ACM SIGPLAN Workshop on Types in Language Design and Implementation, New York, NY, USA, 2011. ACM.
13. P. Efstathopoulos, M. Krohn, S. VanDeBogart, C. Frey, D. Ziegler, E. Kohler, D. Mazières, F. Kaashoek, and R. Morris. Labels and event processes in the Asbestos operating system, October 2005.
14. M. Felleisen. The theory and practice of first-class prompts. In Proc. of the 15th ACM SIGPLAN-SIGACT Symp. on Principles of programming languages, pages 180-190. ACM, 1988.
15. J. Goguen and J. Meseguer. Security policies and security models, April 1982.
16. W. L. Harrison. Achieving information flow security through precise control of effects. In In 18th IEEE Computer Security Foundations Workshop, pages 16-30. IEEE Computer Society, 2005.
17. D. Hedin and D. Sands. Noninterference in the presence of nonopaque pointers. In Proc. of the 19th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, 2006.
18. N. Heintze and J. G. Riecke. The SLam calculus: programming with secrecy and integrity. In Proc. ACM Symp. on Principles of Programming Languages, pages 365-377, Jan. 1998.
19. J. Hughes. Generalising monads to arrows. Science of Computer Programming, 37(1-3):67-111, 2000.
20. S. Hunt and D. Sands. On flow-sensitive security types. In Conference record of the 33rd ACM SIGPLAN-SIGACT Symp. on Principles of programming languages, POPL '06, pages 79-90. ACM, 2006.
21. M. Krohn, A. Yip, M. Brodsky, N. Cliffer, M. F. Kaashoek, E. Kohler, and R. Morris. Information flow control for standard OS abstractions, October 2007.
22. C. E. Landwehr. Formal models for computer security. Computing Survels, 13(3):247-278, September 1981.
23. J. Launchbury. A natural semantics for lazy evaluation. In Proc. of the 20th ACM SIGPLAN-SIGACT Symp. on Principles of programming languages, pages 144-154. ACM, 1993.
24. X. Leroy and F. Rouaix. Security properties of typed applets. In Proc. of the 25th ACM SIGPLAN-SIGACT Symp. on Principles of programming languages, pages 391-403. ACM, 1998.
25. P. Li and S. Zdancewic. Encoding Information Flow in Haskell. In CSFW '06: Proc. of the 19th IEEE Workshop on Computer Security Foundations. IEEE Computer Society, 2006.
26. P. Li and S. Zdancewic. Arrows for secure information flow. Theoretical Computer Science, 411(19):1974-1994, 2010.
27. J. Morgenstern and D. R. Licata. Security-typed programming within dependently typed programming. In Proc. of the 15th ACM SIGPLAN International Conference on Functional Programming, ICFP '10. ACM, 2010.
28. A. C. Myers and B. Liskov. A decentralized model for information flow control. In Proc. of the 16th ACM Symp. on Operating Systems Principles, pages 129-142, 1997.
29. A. C. Myers and B. Liskov. Protecting privacy using the decentralized label model. ACM Trans. on Computer Systems, 9(4):410-442, October 2000.
30. F. Pottier and V. Simonet. Information flow inference for ML. In Proc. ACM Symp. on Principles of Programming Languages, pages 319-330, Jan. 2002.
31. A. Russo and A. Sabelfeld. Dynamic vs. static flow-sensitive security analysis. In Proc. of the 2010 23rd IEEE Computer Security Foundations Symp., CSF '10, pages 186-199. IEEE Computer Society, 2010.
32. A. Russo, K. Claessen, and J. Hughes. A library for light-weight information-flow security in Haskell, 2008.
33. A. Sabelfeld and A. C. Myers. Language-based information-flow security. IEEE Journal on Selected Areas in Communications, 21(1), January 2003.
34. A. Sabelfeld and A. Russo. From dynamic to static and back: Riding the roller coaster of information-flow control research. In Proc. Andrei Ershov International Conference on Perspectives of System Informatics, June 2009.
35. V. Simonet. The Flow Caml system. Software release. Located at http://cristal.inria.fr/~simonet/soft/flowcaml/, July 2003.
36. S. Tse and S. Zdancewic. Translating dependency into parametricity. In Proc. of the Ninth ACM SIGPLAN International Conference on Functional Programming. ACM, 2004.
37. S. VanDeBogart, P. Efstathopoulos, E. Kohler, M. Krohn, C. Frey, D. Ziegler, F. Kaashoek, R. Morris, and D.Mazières. Labels and event processes in the Asbestos operating system. ACM Trans. on Computer Systems, 25(4):11:1-43, December 2007. A version appeared in Proc. of the 20th ACM Symp. on Operating System Principles, 2005.
38. D. Volpano and G. Smith. Probabilistic noninterference in a concurrent language. J. Computer Security, 7(2-3), Nov. 1999.
39. N. Zeldovich, S. Boyd-Wickizer, E. Kohler, and D. Mazières. Making information flow explicit in HiStar, November 2006.
40. N. Zeldovich, S. Boyd-Wickizer, and D. Mazières. Securing distributed systems with information flow control, April 2008.