CPL - Chalmers Publication Library
| Utbildning | Forskning | Styrkeområden | Om Chalmers | In English In English Ej inloggad.

Precise Enforcement of Confidentiality for Reactive Systems

Dante Zanarini ; Mauro Jaskelioff ; Alejandro Russo (Institutionen för data- och informationsteknik, Programvaruteknik (Chalmers))
IEEE Computer Security Foundations Symposium (1063-6900). p. 18-32. (2013)
[Konferensbidrag, refereegranskat]

In the past years, researchers have been focusing on applying information flow security to web applications. These mechanisms should raise a minimum of false alarms in order to be applicable to millions of existing web pages. A promising technique to achieve this is secure multi-execution (SME). If a program is already secure, its secure multi-execution produces the same output events; otherwise, this correspondence is intentionally broken in order to preserve security. Thus, there is no way to know if unexpected results are due to bugs or due to semantics changes produced by SME. Moreover, SME provides no guarantees on the relative ordering of output events from different security levels. We argue that these shortcomings limit the applicability of SME. In this article, we propose a scheduler for secure multi-execution which makes it possible to preserve the order of output events. Using this scheduler, we introduce a novel combination between monitoring and SME, called multi-execution monitor, which raises alarms only for actions breaking the non-interference notion of ID-security for reactive systems. Additionally, we show that the monitor guarantees transparency even for CP-similarity, a progress-sensitive notion of observation.



Den här publikationen ingår i följande styrkeområden:

Läs mer om Chalmers styrkeområden  

Denna post skapades 2013-05-20. Senast ändrad 2015-03-02.
CPL Pubid: 177094

 

Läs direkt!


Länk till annan sajt (kan kräva inloggning)