Attacker Control and Impact for Confidentiality and Integrity

Aslan Askarov; Andrew Myers

doi:10.2168/LMCS-7(3:17)2011

Aslan Askarov ; Andrew Myers - Attacker Control and Impact for Confidentiality and Integrity

lmcs:987 - Logical Methods in Computer Science, September 26, 2011, Volume 7, Issue 3 - https://doi.org/10.2168/LMCS-7(3:17)2011

Attacker Control and Impact for Confidentiality and IntegrityArticle

Authors: Aslan Askarov ; Andrew Myers

Language-based information flow methods offer a principled way to enforce strong security properties, but enforcing noninterference is too inflexible for realistic applications. Security-typed languages have therefore introduced declassification mechanisms for relaxing confidentiality policies, and endorsement mechanisms for relaxing integrity policies. However, a continuing challenge has been to define what security is guaranteed when such mechanisms are used. This paper presents a new semantic framework for expressing security policies for declassification and endorsement in a language-based setting. The key insight is that security can be characterized in terms of the influence that declassification and endorsement allow to the attacker. The new framework introduces two notions of security to describe the influence of the attacker. Attacker control defines what the attacker is able to learn from observable effects of this code; attacker impact captures the attacker's influence on trusted locations. This approach yields novel security conditions for checked endorsements and robust integrity. The framework is flexible enough to recover and to improve on the previously introduced notions of robustness and qualified robustness. Further, the new security conditions can be soundly enforced by a security type system. The applicability and enforcement of the new policies is illustrated through various examples, including data sanitization and authentication.

https://doi.org/10.2168/LMCS-7(3:17)2011

Source: arXiv.org:1107.5594

Volume: Volume 7, Issue 3

Published on: September 26, 2011

Imported on: June 14, 2010

Keywords: Computer Science - Programming Languages,Computer Science - Cryptography and Security,D.3.3, D.4.6

Licence: arXiv.org - Non-exclusive license to distribute

Funding:

Source : OpenAIRE Graph

TC: Medium: Higher-Level Abstractions for Trustworthy Federated Systems; Funder: National Science Foundation; Code: 0964409
Team for Research in Ubiquitous Secure Technology (TRUST); Funder: National Science Foundation; Code: 0424422

Bibliographic References

22 Documents citing this article

Aditya Oak;Amir M. Ahmadian;Musard Balliu;Guido Salvaneschi, KTH Publication Database DiVA (KTH Royal Institute of Technology), Language Support for Secure Software Development with Enclaves, 2021, Dubrovnik, Croatia, 10.1109/csf51468.2021.00037, http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-295509.

Jeppe Fredsgaard Blaabjerg;Aslan Askarov, arXiv (Cornell University), Towards Language-Based Mitigation of Traffic Analysis Attacks, 2021, Dubrovnik, Croatia, 10.1109/csf51468.2021.00030, https://arxiv.org/abs/2106.12934.

Andrei Popescu;Peter Lammich;Ping Hou, 2020, CoCon: A Conference Management System with Formally Verified Document Confidentiality, Journal of Automated Reasoning, 65, 2, pp. 321-356, 10.1007/s10817-020-09566-9, https://doi.org/10.1007/s10817-020-09566-9.

Andrew K. Hirsch;Pedro H. Azevedo de Amorim;Ethan Cecchetti;Ross Tate;Owen Arden, arXiv (Cornell University), First-Order Logic for Flow-Limited Authorization, 2020, Boston, MA, USA, 10.1109/csf49147.2020.00017, https://arxiv.org/abs/2001.10630.

Johan Bay;Aslan Askarov, arXiv (Cornell University), Reconciling progress-insensitive noninterference and declassification, 2020, Boston, MA, USA, 10.1109/csf49147.2020.00015, https://arxiv.org/pdf/2005.01977.pdf.

Mathias Vorreiter Pedersen;Stephen Chong, Scopus (Elsevier), Programming with Flow-Limited Authorization: Coarser is Better, 2019, Stockholm, Sweden, 10.1109/eurosp.2019.00015, https://pure.au.dk/ws/files/160407665/DFLAMIO_paper.pdf.

N. V. Narendra Kumar;R. K. Shyamasundar, Communications in computer and information science (Print), A Semantic Notion of Secure Information-Flow, pp. 35-52, 2019, 10.1007/978-981-13-7561-3_3.

Simon Oddershede Gregersen;Søren Eller Thomsen;Aslan Askarov, Lecture notes in computer science, A Dependently Typed Library for Static Information-Flow Control in Idris, pp. 51-75, 2019, 10.1007/978-3-030-17138-4_3, https://doi.org/10.1007/978-3-030-17138-4_3.

Andrey Chudnov;David A. Naumann, 2018 IEEE 31st Computer Security Foundations Symposium (CSF), Assuming You Know: Epistemic Semantics of Relational Annotations for Expressive Flow Policies, 2018, Oxford, 10.1109/csf.2018.00021.

Roberto Giacobazzi;Isabella Mastroeni, 2018, Abstract Non-Interference, ACM transactions on privacy and security, 21, 2, pp. 1-31, 10.1145/3175660.

Shyamasundar Rudrapatna;NV Narendra Kumar;Abhijit Taware;Parjanya Vyas, 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), An Experimental Flow Secure File System, 2018, New York, NY, USA, 10.1109/trustcom/bigdatase.2018.00113.

Ethan Cecchetti;Andrew C. Myers;Owen Arden, arXiv (Cornell University), Nonmalleable Information Flow Control, 2017, Dallas Texas USA, 10.1145/3133956.3134054, https://arxiv.org/abs/1708.08596.

Jed Liu;Owen Arden;Michael D. George;Andrew C. Myers, 2017, Fabric: Building open distributed systems securely by construction, Journal of Computer Security, 25, 4-5, pp. 367-426, 10.3233/jcs-15805.

Mounir Assaf;David A. Naumann, 2016 IEEE 29th Computer Security Foundations Symposium (CSF), Calculational Design of Information Flow Monitors, 2016, Lisbon, 10.1109/csf.2016.22.

Xun Gong;Negar Kiyavash, 2016, Quantifying the Information Leakage in Timing Side Channels in Deterministic Work-Conserving Schedulers, arXiv (Cornell University), 24, 3, pp. 1841-1852, 10.1109/tnet.2015.2438860, http://arxiv.org/abs/1403.1276.

Lin Yan;Yao Guo;Xiangqun Chen;Hong Mei, arXiv (Cornell University), A Study on Power Side Channels on Mobile Devices, 2015, Wuhan China, 10.1145/2875913.2875934, https://arxiv.org/abs/1512.07972.

Sergio Mauricio Martínez Monterrubio;Juan Frausto Solis;Raúl Monroy Borja, 2015, EMRlog Method for Computer Security for Electronic Medical Records with Logic and Data Mining, BioMed Research International, 2015, pp. 1-12, 10.1155/2015/542016, https://doi.org/10.1155/2015/542016.

Andrey Chudnov;George Kuan;David A. Naumann, 2014 IEEE 27th Computer Security Foundations Symposium, Information Flow Monitoring as Abstract Interpretation for Relational Logic, 2014, Vienna, 10.1109/csf.2014.12.

Gilles Barthe;Gustavo Betarte;Juan Campo;Carlos Luna;David Pichardie, System-level Non-interference for Constant-time Cryptography, 2014, Scottsdale Arizona USA, 10.1145/2660267.2660283, https://hal.inria.fr/hal-01101950.

Benjamin Venelle;Jeremy Briffaut;Laurent Clevy;Christian Toinard, Security Enhanced Java: Mandatory Access Control for the Java Virtual Machine, 2013, Paderborn, Germany, 10.1109/isorc.2013.6913208.

Musard Balliu, KTH Publication Database DiVA (KTH Royal Institute of Technology), A Logic for Information Flow Analysis of Distributed Programs, pp. 84-99, 2013, 10.1007/978-3-642-41488-6_6, http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-136195.

O. Arden;M. D. George;J. Liu;K. Vikram;A. Askarov;et al., CiteSeer X (The Pennsylvania State University), Sharing Mobile Code Securely with Information Flow Control, 2012, San Francisco, CA, USA, 10.1109/sp.2012.22, http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.228.240.

Sources : OpenCitations, OpenAlex & Crossref

Share and export

Consultation statistics

This page has been seen 1368 times.

This article's PDF has been downloaded 499 times.