Secure Information Flow via Linear Continuations
Authors
Abstract
Security-typed languages enforce secrecy or integrity policies by type-checking. This paper investigates continuation-passing style (CPS) as a means of proving that such languages enforce noninterference and as a first step towards understanding their compilation. We present a low-level, secure calculus with higher-order, imperative features and linear continuations. Linear continuations impose a stack discipline on the control flow of programs. This additional structure in the type system lets us establish a strong information-flow security property called noninterference. We prove that our CPS target language enjoys the noninterference property and we show how to translate secure high-level programs to this low-level language. This noninterference proof is the first of its kind for a language with higher-order functions and state.
Similar resources
Secure Information Flow and CPS
Security-typed languages enforce secrecy or integrity policies by type-checking. This paper investigates continuation-passing style as a means of proving that such languages enforce non-interference and as a first step towards understanding their compilation. We present a low-level, secure calculus with higher-order, imperative features. Our type system makes novel use of ordered linear continua...
SIFTAL: A Typed Assembly Language for Secure Information Flow Analysis
We study information flow for a typed assembly language where security types restrict information flow. Inspired by recent work in continuation-based information flow analysis, our language, Secure Information Flow TAL (SIFTAL), uses low-level linear continuations in order to impose a stack discipline on the control flow of programs. The challenge posed by studying information flow analysis at ...
Information Flow Analysis for a Typed Assembly Language with Polymorphic Stacks
We study secure information flow in a stack based Typed Assembly Language (TAL). We define a TAL with an execution stack and establish the soundness of its type system by proving non-interference. One of the problems of studying information flow for a low-level language is the absence of high-level control flow constructs that guide information flow analysis in high-level languages. Furthermore...
Confidentiality and Integrity with Untrusted Hosts: Technical Report
Several security-typed languages have recently been proposed to enforce security properties such as confidentiality or integrity by type checking. We propose a new security-typed language, Spl@, that addresses two important limitations of previous approaches. First, existing languages assume that the underlying execution platform is trusted; this assumption does not scale to distributed computa...
Confidentiality and Integrity with Untrusted Hosts
Several security-typed languages have recently been proposed to enforce security properties such as confidentiality or integrity by type checking. We propose a new security-typed language, SPL@, that addresses two important limitations of previous approaches. First, existing languages assume that the underlying execution platform is trusted; this assumption does not scale to distributed computa...
Journal title:
- Higher-Order and Symbolic Computation
Volume 15, Issue
Pages -
Publication date: 2002