Abstract
The π-calculus, a calculus of mobile processes, can compositionally represent dynamics of major programming constructs by decomposing them into name passing. The present work reports our experience in using a linear/affine typed π-calculus for the analysis and development of type-based analyses for programming languages, focussing on secure information flow analysis. After presenting a basic typed calculus for secrecy, we demonstrate its usage by a sound embedding of the dependency core calculus (DCC) and the development of the call-by-value version of DCC. The secrecy analysis is then extended to stateful computation, for which we develop a novel type discipline for imperative programming language that extends a secure multi-threaded imperative language by Smith and Volpano with general references and higher-order procedures. In each analysis, the embedding gives a simple proof of noninterference.
- Abadi, M. 1999. Secrecy in programming-language semantics. Electr. Notes Theor. Comput. Sci. 20, 1 (Jan.), 1--15.Google Scholar
Cross Ref
- Abadi, M., Banerjee, A., Heintze, N., and Riecke, J. G. 1999. A core calculus of dependency. In Proceedings of the 26th Annual Symposium on Principles of Programming Languages. ACM, New York, 147--160. Google Scholar
Digital Library
- Abramsky, S., Honda, K., and McCusker, G. 1998. Fully abstract game semantics for general references. In Proceedings of the Conference on Logic in Computer Science. IEEE Computer Society Press, Los Alamitos, CA, 334--344. Google Scholar
Digital Library
- Abramsky, S., Jagadeesan, R., and Malacaria, P. 2000. Full abstraction for PCF. Inf. Comput. 163, 409--470. Google Scholar
Digital Library
- Amtoft, T., Nielson, F., and Nielson, H. R. 1999. Type and Effect Systems: Behaviours for Concurrency. Imperial College Press.Google Scholar
- Bell, D. E. and La Padula, L. 1973. Secure computer systems: Mathematical foundations. Tech. Rep. MTR-2547, Computer Laboratory, University of Cambridge, Cambridge, MA, March.Google Scholar
- Berger, M., Honda, K., and Yoshida, N. 2000. Sequentiality and the π-calculus. Full version of {Berger et al. 2001}.Google Scholar
- Berger, M., Honda, K., and Yoshida, N. 2001. Sequentiality and the π-calculus. In Proceedings of TLCA'01. Lecture Notes in Computer Science, vol. 2044. Springer-Verlag, New York, 29--45. Google Scholar
Digital Library
- Berger, M., Honda, K., and Yoshida, N. 2005. Genericity and the π-calculus. Acta Inf. 42, 2-3, 83--141. Google Scholar
Digital Library
- Bodei, C., Degano, P., Nielson, F., and Nielson, H. R. 1998. Control flow analysis for the pi-calculus. In CONCUR. Lecture Notes in Computer Science, vol. 1466. Springer-Verlag, New York, 84--98. Google Scholar
Digital Library
- Bodei, C., Degano, P., Nielson, F., and Nielson, H. R. 1999. Static analysis of processes for no read-up and no write-down. In FoSSaCS. Lecture Notes in Computer Science, vol. 1578. Springer-Verlag, New York, 120--134. Google Scholar
Digital Library
- Boudol, G. 1992. Asynchrony and the pi-calculus. Tech. Rep. 1702, INRIA.Google Scholar
- Boudol, G. and Castellani, I. 2002. Noninterference for concurrent programs and thread systems. Theoret. Comput. Sci. 281, 1-2, 109--130.Google Scholar
Cross Ref
- Damas, L. 1985. Type assignment in programming languages. Ph.D. dissertation, University of Edinburgh, Edinburgh, Scotland.Google Scholar
- Denning, D. E. and Denning, P. J. 1977. Certification of programs for secure information flow. Commun. ACM 20, 7, 504--513. Google Scholar
Digital Library
- Fiore, M. 1994. Axiomatic domain theory in cagtegory of partial maps. Ph.D. dissertation, University of Edinburgh, Edinburgh, Scotland.Google Scholar
- Fiore, M. P. and Honda, K. 1998. Recursive types in games: Axiomatics and process representation. In Proceedings of the Conference on Logic in Computer Science. IEEE Computer Society Press, Los Alamitos, CA, 345--356. Google Scholar
Digital Library
- Focardi, R., Gorrieri, R., and Martinelli, F. 2000. Non interference for the analysis of cryptographic protocols. In Proceedings of the International Colloquium on Antomata, Languages and Programming. Lecture Notes in Computer Science, vol. 1853. Springer-Verlag, New York, 354--372. Google Scholar
Digital Library
- Girard, J.-Y. 1987. Linear logic. Theoret. Comput. Sci. 50, 1--102. Google Scholar
Digital Library
- Heintze, N. and Riecke, J. G. 1998. The slam calculus: Programming with secrecy and integrity. In Proceedings of the 25th Annual Symposium on Principles of Programming Languages. ACM, New York, 365--377. Google Scholar
Digital Library
- Hennessy, M. and Riely, J. 2000. Information flow vs. resource access in the asynchronous pi-calculus. In Proceedings of the International Colloquium on Antomata, Languages and Programming. Lecture Notes in Computer Science, vol. 1853. Springer-Verlag, New York, 415--427. Google Scholar
Digital Library
- Honda, K. 1993. Types for Dyadic Interaction. In CONCUR'93. Lecture Notes in Computer Science, vol. 715. Springer-Verlag, New York, 509--523. Google Scholar
Digital Library
- Honda, K. 1996. Composing Processes. In Proceedings of the Symposium on Principles of Programming Languages. ACM, New York, 344--357. Google Scholar
Digital Library
- Honda, K. and Tokoro, M. 1991. An object calculus for asynchronous communication. In Proceedings of European Conference on Object-Oriented Programming. Lecture Notes in Computer Science, vol. 512. Springer-Verlag, New York, 133--147. Google Scholar
Digital Library
- Honda, K., Vasconcelos, V. T., and Kubo, M. 1998. Language primitives and type disciplines for structured communication-based programming. In Proceedings of the European Symposium on Programming. Lecture Notes in Computer Science, vol. 1381. Springer-Verlag, New York, 22--138. Google Scholar
Digital Library
- Honda, K., Vasconcelos, V. T., and Yoshida, N. 2000. Secure information flow as typed process behavior. In Proceedings of the European Symposium on Programming. Lecture Notes in Computer Science, vol. 1782. Springer-Verlag, New York, 180--199. Google Scholar
Digital Library
- Honda, K. and Yoshida, N. 1995. On reduction-based process semantics. Theoret. Comput. Sci. 151, 437--486. Google Scholar
Digital Library
- Honda, K. and Yoshida, N. 1999. Game-theoretic analysis of call-by-value computation. Theoret. Comput. Sci. 221, 393--456. Google Scholar
Digital Library
- Honda, K. and Yoshida, N. 2002. A uniform type structure for secure information flow. In Proceedings of the Symposium on Principles of Programming Languages. ACM, New York, 81--92. Google Scholar
Digital Library
- Honda, K. and Yoshida, N. 2003. Addendum to “Uniform type structure for secure information flow”: Subject reduction with inflation. Available at http://www.doc.ic.ac.uk/~yoshida.Google Scholar
- Honda, K. and Yoshida, N. 2005. Noninterference through flow analysis. J. Funct. Program. 15, 2 (Mar.), 293--349. Google Scholar
Digital Library
- Honda, K., Yoshida, N., and Berger, M. 2004. Control in the π-calculus. In Proceedings of CW'04. ACM, New York.Google Scholar
- Howard, B. T. 1996. Inductive, coinductive, and pointed types. In Proceedings of ICFP'96. ACM, New York, 102--109. Google Scholar
Digital Library
- Hudak, P., Jones, S., and Wadler, P. 1992. The Haskell home page. http://haskell.org.Google Scholar
- Hyland, J. M. E. and Ong, C.-H. L. 1995. Pi-calculus, dialogue games and PCF. In Proceedings of FPCA. ACM Press, 96--107. Google Scholar
Digital Library
- Hyland, J. M. E. and Ong, C. H. L. 2000. On full abstraction for PCF. Inf. Comput. 163, 285--408. Google Scholar
Digital Library
- Jones, C. B. 1983a. Specification and design of (parallel) programs. In IFIP Congress. North-Holland, Amsterdam, The Netherlands. 321--332.Google Scholar
- Jones, C. B. 1983b. Tentative steps toward a development method for interfering programs. ACM Trans. Program. Lang. Syst. 5, 4, 596--619. Google Scholar
Digital Library
- Kobayashi, N., Pierce, B. C., and Turner, D. N. 1999. Linearity and the Pi-calculus. ACM Trans. Program. Lang. Syst. 21, 5 (Sept.), 914--947. Google Scholar
Digital Library
- Lampson, B. W. 1973. A note on the confinement problem. Commun. ACM 16, 10, 613--615. Google Scholar
Digital Library
- Leroy, X. and Weis, P. 1991. Polymorphic type inference and assignment. In POPL '91: Proceedings of the 18th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages. ACM, New York, 291--302. Google Scholar
Digital Library
- Milner, R. 1980. A Calculus of Communicating Systems. Lecture Notes in Computer Science, vol. 92. Springer, Berlin, Germany. Google Scholar
Digital Library
- Milner, R. 1989. Communication and Concurrency. Prentice-Hall, Englewood Cliffs, NJ. Google Scholar
Digital Library
- Milner, R. 1992a. Functions as processes. Math. Struct. Comput. Sci. 2, 2, 119--141.Google Scholar
Cross Ref
- Milner, R. 1992b. The polyadic π-calculus: A tutorial. In Proceedings of the International Summer School on Logic Algebra of Specification. Marktoberdorf.Google Scholar
- Milner, R., Parrow, J., and Walker, D. 1992. A calculus of mobile processes, Parts I and II. Inf. Comput. 100, 1, 1--77. Google Scholar
Digital Library
- Milner, R., Tofte, M., and Harper, R. W. 1990. The Definition of Standard ML. MIT Press, Cambridge, MA. Google Scholar
Digital Library
- Mitchell, J. C. 1996. Foundations for Programming Languages. MIT Press, Cambridge, MA. Google Scholar
Digital Library
- Moggi, E. 1991. Notions of computation and monads. Inf. Comput. 93, 1, 55--92. Google Scholar
Digital Library
- Myers, A. C. 1999. Jflow: Practical mostly-static information flow control. In Proceedings of 26th Symposium on Principles of Programming Languages. ACM, New York, 228--241. Google Scholar
Digital Library
- Nielson, F., Nielson, H. R., and Hankin, C. 1999. Proceedings of the Symposium on Principles of Program Analysis. Springer-Verlag, New York.Google Scholar
- Ørbæk, P. and Palsberg, J. 1997. Trust in the lambda-calculus. J. Funct. Program. 7, 6, 557--591. Google Scholar
Digital Library
- Palsberg, J. 2001. Type-based analysis and applications. In Proceedings of the Workshop on Progeam Analysis for Software Tools and Engineering. ACM, New York, 20--27. Google Scholar
Digital Library
- Pierce, B. and Sangiorgi, D. 1996. Typing and subtyping for mobile processes. Math. Struct. Comput. Sci. 6, 5, 409--454.Google Scholar
Cross Ref
- Pierce, B. C. 2002. Types and Programming Languages. MIT Press, Cambridge, MA. Google Scholar
Digital Library
- Pottier, F. 2002. A simple view of type-secure information flow in the π-calculus. In Proceedings of CSFW. IEEE Computer Society Press, Los Alamitos, CA, 320--330. Google Scholar
Digital Library
- Pottier, F. and Conchon, S. 2000. Information flow inference for free. In Proceedings of ICFP'00. (Montral, Canada). ACM, New York, 46--57. Google Scholar
Digital Library
- Pottier, F. and Simonet, V. 2003. Information flow inference for ML. ACM Trans. Program. Lang. Syst. 25, 1 (Jan.), 117--158. Google Scholar
Digital Library
- Ryan, P. Y. A. and Schneider, S. A. 1999. Process algebra and non-interference. In Proceedings of CSFW. IEEE Computer Society Press, Los Alamitos, CA, 214--227. Google Scholar
Digital Library
- Sabelfeld, A. and Sand, D. 1999. A per model of secure information flow in sequential programs. In Proceedings of the European Symposium on Programming. Number 1576 in Lecture Notes in Computer Science, vol. 1576. Springer-Verlag, New York, 40--58. Google Scholar
Digital Library
- Smith, G. 2001. A new type system for secure information flow. In Proceedings of CSFW. IEEE, New York. Google Scholar
Digital Library
- Smith, G. and Volpano, D. 1998. Secure information flow in a multi-threaded imperative language. In POPL '98: Proceedings of the 25th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages. ACM, New York, 355--364. Google Scholar
Digital Library
- Talpin, J.-P. and Jouvelot, P. 1992. The type and effect discipline. In Proceedings of the Conference on Logic in Computer Science. IEEE Computer Society Press, Los Alamitos, CA, 162--173.Google Scholar
- Tofte, M. 1990. Type inference for polymorphic references. Inf. Comput. 89, 1--34. Google Scholar
Digital Library
- Tse, S. and Zdancewic, S. 2004. Translating dependency into parametricity. In Proceedings of ICFP'04. ACM, New York, 115--125. Google Scholar
Digital Library
- Volpano, D., Irvine, C., and Smith, G. 1996. A sound type system for secure flow analysis. J. Comput. Secur. 4, 2,3, 167--187. Google Scholar
Digital Library
- Wright, A. 1994. Typing references by effect inference. In Proceedings of the European Symposium on Programming. Lecture Notes in Computer Science, vol. 582. Springer-Verlag, New York, 473--491. Google Scholar
Digital Library
- Yoshida, N. 1996. Graph types for monadic mobile processes. In Proc. FSTTCS'96. Lecture Notes in Computer Science, vol. 1180. Springer-Verlag, New York, 371--386. (The full version as LFCS Technical Report, University of Edinburgh, ECS-LFCS-96-350, 1996). Google Scholar
Digital Library
- Yoshida, N. 2002. Type-based liveness guarantee in the presence of nontermination and nondeterminism. In PPL '03, Proc. of JSST Workshop Programming and Program Language. JSST, 32--46. MCS Technical Report, 2002-20, University of Leicester. Available at www.doc.ic.ac.uk/~yoshida.Google Scholar
- Yoshida, N., Berger, M., and Honda, K. 2004. Strong Normalization in the π-Calculus. Inf. Comput. 191, 145--202. Google Scholar
Digital Library
- Yoshida, N., Honda, K., and Berger, M. 2002. Linearity and bisimulation. In Proceedings of FoSSaCs02. Lecture Notes in Computer Science, vol. 2303. Springer-Verlag, New York, 417--433. (A full version in Journal of Logic and Algebraic Programming.) Google Scholar
Digital Library
- Zdancewic, S. and Myers, A. C. 2001. Secure information flow and CPS. In Proceedings of the European Symposium on Programming. Lecture Notes in Computer Science, vol. 2028. Springer-Verlag, New York, 46--62. Google Scholar
Digital Library
- Zdancewic, S. and Myers, A. C. 2003. Observational determinism for concurrent program security. In Proceedings of CSFW. IEEE Computer Society Press, Los Alamitos, CA, 29--45.Google Scholar
Index Terms
A uniform type structure for secure information flow
Recommendations
A uniform type structure for secure information flow
POPL '02: Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languagesThe π-calculus is a formalism of computing in which we can compositionally represent dynamics of major programming constructs by decomposing them into a single communication primitive, the name passing. This work reports our experience in using a linear/...
Secure information flow with random assignment and encryption
FMSE '06: Proceedings of the fourth ACM workshop on Formal methods in securityType systems for secure information flow aim to prevent a program from leaking information from variables classified as $H$ to variables classified as $L$. In this work we extend such a type system to address encryption and decryption; our intuition is ...
Information-flow types for homomorphic encryptions
CCS '11: Proceedings of the 18th ACM conference on Computer and communications securityWe develop a flexible information-flow type system for a range of encryption primitives, precisely reflecting their diverse functional and security features. Our rules enable encryption, blinding, homomorphic computation, and decryption, with selective ...






Comments