On Dynamic Flow-Sensitive Floating-Label Systems
Paper in proceedings, 2014

Flow-sensitive analysis for information-flow control (IFC) allows data structures to have mutable security labels, i.e., labels that can change over the course of the computation. This feature is often used to boost the permissiveness of the IFC monitor, by rejecting fewer programs, and to reduce the burden of explicit label annotations. However, when added naively, in a purely dynamic setting, mutable labels can expose a high bandwidth covert channel. In this work, we present an extension for LIO—a language-based floating-label system— that safely handles flow-sensitive references. The key insight to safely manipulating the label of a reference is to not only consider the label on the data stored in the reference, i.e., the reference label, but also the label on the reference label itself. Taking this into consideration, we provide an upgrade primitive that can be used to change the label of a reference in a safe manner. To eliminate the burden of determining when a reference should be upgraded, we additionally provide a mechanism for automatic upgrades. Our approach naturally extends to a concurrent setting, not previously considered by dynamic flow-sensitive systems. For both our sequential and concurrent calculi, we prove non-interference by embedding the flow-sensitive system into the flow-insensitive LIO calculus, a surprising result on its own.

language-based security

flow sensitivity

information-flow control

dynamic enforcement

floating label

Author

Pablo Buiras

Chalmers, Computer Science and Engineering (Chalmers), Software Technology (Chalmers)

Deian Stefan

Alejandro Russo

Chalmers, Computer Science and Engineering (Chalmers), Software Technology (Chalmers)

27th IEEE Computer Security Foundations Symposium, CSF 2014, Vienna, Austria, 19-22 July 2014

1063-6900 (ISSN)

Vol. 2014-January 65-79

Areas of Advance

Information and Communication Technology

Subject Categories

Computer and Information Science

Computer Science

DOI

10.1109/CSF.2014.13

ISBN

978-1-4799-4290-9