Secure Multi-Execution in Haskell
Paper in proceeding, 2012
Language-based information-flow security has emerged as a promising technology to guarantee confidentiality in on-line systems, where enforcement mechanisms are typically presented as run-time monitors, code transformations, or type-systems. Recently, an alternative technique, called secure multi-execution, has been proposed. The main idea behind this novel approach consists
on running a program multiple times, once for each security level, using special
rules for I/O operations. Compared to run-time monitors and type-systems, secure multi-execution does not require to inspect the full code of the application
(only its I/O actions). In this paper, we propose the core of a library to provide
non-interference through secure-multi execution. We present the code of the library as well as a running example for Haskell. To the best of our knowledge, this
paper is the first work to consider secure-multi execution in a functional setting
and provide this technology as a library.
Author
Mauro Jaskelioff
Universidad Nacional de Rosario
Alejandro Russo
Chalmers, Computer Science and Engineering (Chalmers), Software Technology (Chalmers)
Software Engineering and Technology (Chalmers)
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
03029743 (ISSN) 16113349 (eISSN)
Vol. 7162 LNCSAreas of Advance
Information and Communication Technology
Subject Categories
Computer Science
DOI
10.1007/978-3-642-29709-0_16