Faceted secure multi execution
Paper in proceedings, 2018

Publication rights licensed to ACM.

To enforce non-interference, both Secure Multi-Execution (SME) and Multiple Facets (MF) rely on the introduction of multi-executions. The attractiveness of these techniques is that they are precise: secure programs running under SME or MF do not change their behavior. Although MF was intended as an optimization of SME, it provides a weaker security guarantee for termination leaks. This paper presents Faceted Secure Multi Execution (FSME), a novel synthesis of MF and SME that combines the stronger security guarantees of SME with the optimizations of MF. Developing FSME required unifying the ideas underlying MF and SME into a new multi-execution framework (), which can be parameterized to provide MF, SME, or our new approach FSME, thus enabling an apples-to-apples comparison and benchmarking of all three approaches. Unlike the original work on MF and SME, the framework supports arbitrary (and possibly infinite) lattices, as required by decentralized labeling models—a feature needed in order to make it possible to write applications where each principal can impose confidentiality and integrity requirements on data. We provide some micro-benchmarks for evaluating the framework and write a file hosting service, called ProtectedBox, whose functionality can be securely extended via third-party plugins.

Haskell

Information-flow control

Decentralized labels

Multi-executions

Authors

Thomas Schmitz

University of California

Cormac Flanagan

University of California

Maximilian Algehed

Chalmers, Computer Science and Engineering (Chalmers), Functional Programming

Alejandro Russo

Chalmers, Computer Science and Engineering (Chalmers), Information Security

Proceedings of the ACM Conference on Computer and Communications Security

ISSN: 1543-7221

Pages: 1617-1634

ISBN: 978-1-4503-5693-0

25th ACM Conference on Computer and Communications Security, CCS 2018
Toronto, Canada

Subject Categories

Computer Engineering

Computer Science

Computer Systems

DOI

10.1145/3243734.3243806

More information

Latest update

1/22/2019