Securing Interaction between Threads and the Scheduler in the Presence of Synchronization
Journal article, 2009

The problem of information flow in multithreaded programs remains an important open challenge. Existing approaches to specifying and enforcing information-flow security often suffer from over-restrictiveness, relying on nonstandard semantics, lack of compositionality, inability to handle dynamic threads, inability to handle synchronization, scheduler dependence, and efficiency overhead for the code that results from security-enforcing transformations. This paper suggests a remedy for some of these shortcomings by developing a novel treatment of the interaction between threads and the scheduler. As a result, we present a permissive noninterference-like security specification and a compositional security type system that provably enforces this specification. The type system guarantees security for a wide class of schedulers and provides a flexible and efficiency-friendly treatment of dynamic threads.

Internal timing covert channel

semaphores

Non-interference

concurrency

language-based security

information-flow

Author

Alejandro Russo

Chalmers, Computer Science and Engineering (Chalmers), Computing Science (Chalmers)

Andrei Sabelfeld

Chalmers, Computer Science and Engineering (Chalmers), Computing Science (Chalmers)

Journal of Logic and Algebraic Programming

1567-8326 (ISSN)

Vol. 78, Issue 7, p. 593-618

Subject Categories

Computer Science

DOI

10.1016/j.jlap.2008.09.003

More information

Created

10/7/2017