skip to main content
demonstration

Building secure systems with LIO (demo)

Published:03 September 2014Publication History
Skip Abstract Section

Abstract

LIO is a decentralized information flow control (DIFC) system, implemented in Haskell. In this demo proposal, we give an overview of the LIO library and show how LIO can be used to build secure systems. In particular, we show how to specify high-level security policies in the context of web applications, and describe how LIO automatically enforces these policies even in the presence of untrusted code.

References

  1. D. B. Giffin, A. Levy, D. Stefan, D. Terei, D. Mazi'eres, J. Mitchell, and A. Russo. Hails: Protecting data privacy in untrusted web applications. In Proc. of the 10th OSDI, pages 47--60. USENIX, 2012. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. C. Hriţcu, M. Greenberg, B. Karel, B. C. Pierce, and G. Morrisett. All your ifcexception are belong to us. In Proc. of the IEEE Symp. on Security and Privacy, 2013. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. A. C. Myers and B. Liskov. A decentralized model for information flow control. In Proc. of the 16th SOSP, pages 129--142, 1997. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. A. Sabelfeld and A. C. Myers. Language-based information-flow security. IEEE Journal on Selected Areas in Communications, 21(1), 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. D. Stefan, A. Russo, D. Mazi'eres, and J. C. Mitchell. Disjunction category labels. In NordSec 2011, LNCS. Springer, 2011. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. D. Stefan, A. Russo, J. C. Mitchell, and D. Mazi'eres. Flexible dynamic information flow control in Haskell. In Haskell Symposium, pages 95--106. ACM SIGPLAN, 2011. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. D. Stefan, A. Russo, P. Buiras, A. Levy, J. C.Mitchell, and D.Mazi'eres. Addressing covert termination and timing channels in concurrent information flow systems. In Proc. of the 17th ICFP, 2012. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. D. Stefan, A. Russo, J. C. Mitchell, and D. Mazi'eres. Flexible dynamic information flow control in the presence of exceptions. Arxiv preprint arXiv:1207.1457, 2012.Google ScholarGoogle Scholar
  9. D. Terei, S.Marlow, S. Peyton Jones, and D. Mazi'eres. Safe Haskell. In ACM SIGPLAN Notices, volume 47, pages 137--148. ACM, 2012. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Building secure systems with LIO (demo)

    Recommendations

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    Full Access

    • Published in

      cover image ACM SIGPLAN Notices
      ACM SIGPLAN Notices  Volume 49, Issue 12
      Haskell '14
      December 2014
      141 pages
      ISSN:0362-1340
      EISSN:1558-1160
      DOI:10.1145/2775050
      • Editor:
      • Andy Gill
      Issue’s Table of Contents
      • cover image ACM Conferences
        Haskell '14: Proceedings of the 2014 ACM SIGPLAN symposium on Haskell
        September 2014
        154 pages
        ISBN:9781450330411
        DOI:10.1145/2633357

      Copyright © 2014 Owner/Author

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      • Published: 3 September 2014

      Check for updates

      Qualifiers

      • demonstration

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!