Foundations for Parallel Information Flow Control Runtime Systems
Paper i proceeding, 2019

We present the foundations for a new dynamic information flow control (IFC) parallel runtime system, LIO-PAR. To our knowledge, LIO-PAR is the first dynamic language-level IFC system to (1) support deterministic parallel thread execution and (2) eliminate both internal- and external-timing covert channels that exploit the runtime system. Most existing IFC systems are vulnerable to external timing attacks because they are built atop vanilla runtime systems that do not account for security—these runtime systems allocate and reclaim shared resources, e.g., CPU-time and memory, fairly between threads at different security levels. While such attacks have largely been ignored—or, at best, mitigated—we demonstrate that extending IFC systems with parallelism leads to the internalizationof these attacks. Our IFC runtime system design addresses these concerns by hierarchically managing resources—both CPU-time and memory—and making resource allocation and reclamation explicit at the language-level. We prove that LIO-PAR is secure, i.e., it satisfies timing-sensitive non-interference, even when exposing clock and heap-statistics APIs.

runtime system

parallelism

non-interference

Författare

Marco Vassena

Chalmers, Data- och informationsteknik, Informationssäkerhet

Gary Soeller

University of California at San Diego (UCSD)

Peter Amidon

University of California at San Diego (UCSD)

Matthew Chan

Awake Security

John Renner

University of California at San Diego (UCSD)

Deian Stefan

University of California at San Diego (UCSD)

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

03029743 (ISSN) 16113349 (eISSN)

Vol. 11426 LNCS 1-28

Principles of Security and Trust
Prague, Czech Republic,

Ämneskategorier

Datorteknik

Inbäddad systemteknik

Datorsystem

DOI

10.1007/978-3-030-17138-4_1

Mer information

Senast uppdaterat

2022-10-14