Simple Noninterference by Normalization
Paper in proceeding, 2019

Information-flow control (IFC) languages ensure programs preserve the confidentiality of sensitive data. Noninterference, the desired security property of such languages, states that public outputs of programs must not depend on sensitive inputs. In this paper, we show that noninterference can be proved using normalization. Unlike arbitrary terms, normal forms of programs are well-principled and obey useful syntactic properties-hence enabling a simpler proof of noninterference. Since our proof is syntax-directed, it offers an appealing alternative to traditional semantic based techniques to prove noninterference.

In particular, we prove noninterference for a static IFC calculus, based on Haskell's seclib library, using normalization. Our proof follows by straightforward induction on the structure of normal forms. We implement normalization using normalization by evaluation and prove that the generated normal forms preserve semantics. Our results have been verified in the Agda proof assistant.

information-flow control

normalization by evaluation

noninterference

Author

Carlos Tomé Cortiñas

Chalmers, Computer Science and Engineering (Chalmers), Information Security

Other publications Research

Nachiappan Valliappan

Chalmers, Computer Science and Engineering (Chalmers), Information Security

Other publications Research

Proceedings of the ACM Conference on Computer and Communications Security

15437221 (ISSN)

61-72
978-1-4503-6836-0 (ISBN)

Workshop on Programming Languages and Analysis for Security (PLAS)
, ,

Octopi: Säker Programering för Sakernas Internet

Swedish Foundation for Strategic Research (SSF) (RIT17-0023), 2018-03-01 -- 2023-02-28.

Show Project

WebSec: Securing Web-driven Systems

Swedish Foundation for Strategic Research (SSF) (RIT17-0011), 2018-03-01 -- 2023-02-28.

Show Project

Subject Categories

Other Computer and Information Science

Language Technology (Computational Linguistics)

Computer Science

DOI

10.1145/3338504.3357342

Publication data connected to DOI

More information

Latest update

3/21/2023

Feedback and support

If you have questions, need help, find a bug or just want to give us feedback you may use this form, or contact us per e-mail research.lib@chalmers.se.

About

Research.chalmers.se contains research information from Chalmers University of Technology, Sweden. It includes information on projects, publications, research funders and collaborations.

More about coverage period and what is publicly available

Privacy and cookies

Accessibility

Citation Style Language
citeproc-js (Frank Bennett)

Links

Chalmers Library
Chalmers Research
Chalmers Student Theses

Chalmers University of Technology

SE-412 96 GOTHENBURG, SWEDEN
PHONE: +46 (0)31-772 10 00
WWW.CHALMERS.SE