On the Foundations of Information-Flow Control and Effects
Doctoral thesis, 2024

There is no doubt that society depends crucially on software systems. Correct software is therefore a pressing matter. An important aspect of software correctness is security: for example, a banking application is secure, if at least it does not send your credit card number to an unauthorised third party. It is well-known that software is riddled with bugs. Some are introduced by human mistakes; some by deficiencies of the programming languages at use. Security vulnerabilities arising from both kinds of bugs appear time and again, affecting the security needs of millions of users. It thus becomes imperative to design programming languages that help programmers avoid bugs. Developers must demand assurances that secure programming languages indeed produce secure software. This warrants mathematical justification in the form of proof. To increase reusability, these proofs would ideally be carried out in a framework that is modular on the features of the programming language.

Language-based security investigates the security aspects of software, such as confidentiality or integrity, from the perspective of programming language theory. One approach to information-flow control (IFC) studies the design of programming languages in which programs are secure-by-construction. In this approach, types guide the development of programs, and the type system ensures that well-typed programs are secure. Practical programs feature effects such as nontermination or printing. Type systems for IFC need therefore to take these into account to guarantee security. Establishing the correctness of IFC type-systems for effectful languages is a complex matter, which often relies on ad hoc methods that depend on the concrete kinds of effects.

In this thesis, we describe a novel theory of information flow with effects. In our framework the correctness of IFC type-systems can be proved modularly with respect to the kind of effects. This theory builds upon existing models of information flow and models of effects, and thus, is readily applicable. Independently, this thesis makes two additional contributions. First, we show how to extend concurrent IFC languages with asynchronous exceptions, which, e.g., enable secure interthread communication. Second, we present a new technique for proving correctness of IFC type systems based on normalization. As a byproduct of independent interest, we present novel normalization results for the family of so-called Fitch-style modal calculi.

security

programming languages

information-flow control

Lecture hall ED, EDIT building Rännvägen 6B, Chalmers
Opponent: Professor Amal Ahmed, Northeastern University, Boston, U.S.A

Author

Carlos Tomé Cortiñas

Chalmers, Computer Science and Engineering (Chalmers), Information Security

Securing Asynchronous Exceptions

Proceedings - IEEE Computer Security Foundations Symposium,;Vol. 2020-June(2020)p. 214-229

Paper in proceeding

Simple Noninterference by Normalization

Proceedings of the ACM Conference on Computer and Communications Security,;(2019)p. 61-72

Paper in proceeding

Normalization for Fitch-Style Modal Calculi

PROCEEDINGS OF THE ACM ON PROGRAMMING LANGUAGES-PACMPL,;Vol. 6(2022)

Journal article

WebSec: Securing Web-driven Systems

Swedish Foundation for Strategic Research (SSF) (RIT17-0011), 2018-03-01 -- 2023-02-28.

Subject Categories

Computer Science

ISBN

978-91-8103-022-8

Doktorsavhandlingar vid Chalmers tekniska högskola. Ny serie: 5480

Publisher

Chalmers

Lecture hall ED, EDIT building Rännvägen 6B, Chalmers

Online

Opponent: Professor Amal Ahmed, Northeastern University, Boston, U.S.A

More information

Latest update

3/21/2024