DOI: 10.1145/1111037.1111046 (POPL conference proceedings, ACM)

A logic for information flow in object-oriented programs

Published: 11 January 2006

ABSTRACT

This paper specifies, via a Hoare-like logic, an interprocedural and flow-sensitive (but termination-insensitive) information flow analysis for object-oriented programs. Pointer aliasing is ubiquitous in such programs, and can potentially leak confidential information. Thus the logic employs independence assertions to describe the noninterference property that formalizes confidentiality, and employs region assertions to describe possible aliasing. Programmer assertions, in the style of JML, are also allowed, thereby permitting a more fine-grained specification of information flow policy.

The logic supports local reasoning about state in the style of separation logic. Small specifications are used; they mention only the variables and addresses relevant to a command. Specifications are combined using a frame rule. An algorithm for the computation of postconditions is described: under certain assumptions, there exists a strongest postcondition which the algorithm computes.
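The abstract describes the ingredients only in outline: independence assertions record which inputs a variable or heap cell may depend on, region assertions over-approximate which objects a pointer may denote, and postconditions are computed forward, flow-sensitively. The Python sketch below is an added illustration of those ideas, not the paper's logic or its postcondition algorithm: it runs a flow-sensitive, termination-insensitive dependency analysis over a tiny object language with heap cells and aliasing, then checks independence assertions on the result. The AST encoding, the input labels 'H' (secret) and 'L' (public), the allocation-site regions and the sample program are all constructed for this example.

```python
"""Added example: flow-sensitive, termination-insensitive dependency analysis
for a tiny object language with heap cells and aliasing.  Not the paper's
logic; the AST, labels 'H'/'L', regions and PROGRAM are constructed here."""
from copy import deepcopy

# Expressions: ('const', v) | ('var', x) | ('field', x, f) | ('op', e1, e2)

def expr_deps(e, st):
    """Input labels the value of e may depend on (independence = absence)."""
    kind = e[0]
    if kind == 'const':
        return frozenset()
    if kind == 'var':
        return st['deps'].get(e[1], frozenset())
    if kind == 'field':                          # x.f depends on which object x is ...
        out = st['deps'].get(e[1], frozenset())
        for r in st['pts'].get(e[1], frozenset()):   # ... and on every cell x may alias
            out |= st['deps'].get((r, e[2]), frozenset())
        return out
    return expr_deps(e[1], st) | expr_deps(e[2], st)   # 'op'

def expr_pts(e, st):
    """Region assertion: allocation sites a pointer-valued e may denote."""
    if e[0] == 'var':
        return st['pts'].get(e[1], frozenset())
    if e[0] == 'field':
        out = frozenset()
        for r in st['pts'].get(e[1], frozenset()):
            out |= st['pts'].get((r, e[2]), frozenset())
        return out
    return frozenset()

def join(a, b):
    """Least upper bound of two abstract states (pointwise union)."""
    return {part: {k: a[part].get(k, frozenset()) | b[part].get(k, frozenset())
                   for k in set(a[part]) | set(b[part])} for part in ('deps', 'pts')}

def leq(a, b):
    return all(v <= b[part].get(k, frozenset())
               for part in ('deps', 'pts') for k, v in a[part].items())

def run(stmts, st, pc=frozenset()):
    for s in stmts:
        st = step(s, st, pc)
    return st

def step(s, st, pc):
    """Forward transfer of one statement; pc = labels the control path depends on."""
    st, kind = deepcopy(st), s[0]
    if kind == 'source':                         # x := input labelled L/H
        st['deps'][s[1]] = frozenset({s[2]}) | pc
        st['pts'][s[1]] = frozenset()
    elif kind == 'assign':                       # x := e  (strong update: flow-sensitive)
        st['deps'][s[1]] = expr_deps(s[2], st) | pc
        st['pts'][s[1]] = expr_pts(s[2], st)
    elif kind == 'new':                          # x := new@site
        st['deps'][s[1]] = pc
        st['pts'][s[1]] = frozenset({s[2]})
    elif kind == 'setfield':                     # x.f := e  (weak update on every region x may alias)
        x, f, e = s[1:]
        d = expr_deps(e, st) | st['deps'].get(x, frozenset()) | pc
        for r in st['pts'].get(x, frozenset()):
            st['deps'][(r, f)] = st['deps'].get((r, f), frozenset()) | d
            st['pts'][(r, f)] = st['pts'].get((r, f), frozenset()) | expr_pts(e, st)
    elif kind == 'if':                           # implicit flow: branches inherit the guard's labels
        pc2 = pc | expr_deps(s[1], st)
        st = join(run(s[2], st, pc2), run(s[3], st, pc2))
    elif kind == 'while':                        # fixpoint; nothing is recorded about termination
        while True:
            nxt = join(st, run(s[2], st, pc | expr_deps(s[1], st)))
            if leq(nxt, st):
                break
            st = nxt
    else:
        raise ValueError(kind)
    return st

def independent(st, x, label):
    """Independence assertion x # label: x's value cannot depend on input `label`."""
    return label not in st['deps'].get(x, frozenset())

# Constructed sample program; 'H' is the secret input, 'L' the public one.
PROGRAM = [
    ('source', 'h', 'H'),
    ('source', 'l', 'L'),
    ('new', 'p', 'A1'),
    ('assign', 'q', ('var', 'p')),                 # q aliases p
    ('setfield', 'p', 'f', ('var', 'h')),          # written through p ...
    ('assign', 'leak', ('field', 'q', 'f')),       # ... read back through q: leak depends on H
    ('setfield', 'p', 'f', ('var', 'l')),          # weak update: the cell keeps H
    ('assign', 'x', ('var', 'h')),
    ('assign', 'x', ('const', 0)),                 # strong update: x independent of H again
    ('if', ('var', 'h'), [('assign', 'y', ('const', 1))], [('assign', 'y', ('const', 2))]),
    ('while', ('var', 'h'), [('assign', 'h', ('op', ('var', 'h'), ('const', 1)))]),
    ('assign', 'z', ('var', 'l')),                 # after a loop guarded by h: still L-only
]

def analyse(program=PROGRAM):
    return run(program, {'deps': {}, 'pts': {}})
```

Running `analyse()` on the sample gives `leak` and `y` a dependence on H (the first through the p/q alias, the second through the guard), while `x` recovers independence from H after its second assignment, which a flow-insensitive type system could not express. `z` stays L-only even though the preceding loop's termination depends on h; that is exactly the termination-insensitivity the abstract mentions, and a termination-sensitive analysis would have to flag it. Heap cells here always get a weak update, which is sound but coarser than what a precise region assertion can justify.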
