TU Darmstadt / ULB / TUbiblio

Hybrid Monitors for Concurrent Noninterference

Askarov, Aslan and Chong, Stephen and Mantel, Heiko :
Hybrid Monitors for Concurrent Noninterference.
Proceedings of the 28th IEEE Computer Security Foundations Symposium (CSF) IEEE Computer Society
[Conference or Workshop Item] , (2015)

Abstract

Controlling confidential information in concurrent systems is difficult, due to covert channels resulting from interaction between threads. This problem is exacerbated if threads share resources at fine granularity. In this work, we propose a novel monitoring framework to enforce strong information security in concurrent programs. Our monitors are hybrid, combining dynamic and static program analysis to enforce security in a sound and rather precise fashion. In our framework, each thread is guarded by its own local monitor, and there is a single global monitor. We instantiate our monitoring framework to support rely-guarantee style reasoning about the use of shared resources, at the granularity of individual memory locations, and then specialize local monitors further to enforce flow-sensitive progress-sensitive information-flow control. Our local monitors exploit rely-guarantee-style reasoning about shared memory to achieve high precision. Soundness of rely-guarantee-style reasoning is guaranteed by all monitors cooperatively. The global monitor is invoked only when threads synchronize, and so does not needlessly restrict concurrency. We prove that our hybrid monitoring approach enforces a knowledge-based progress-sensitive non-interference security condition.

Item Type: Conference or Workshop Item
Erschienen: 2015
Creators: Askarov, Aslan and Chong, Stephen and Mantel, Heiko
Title: Hybrid Monitors for Concurrent Noninterference
Language: German
Abstract:

Controlling confidential information in concurrent systems is difficult, due to covert channels resulting from interaction between threads. This problem is exacerbated if threads share resources at fine granularity. In this work, we propose a novel monitoring framework to enforce strong information security in concurrent programs. Our monitors are hybrid, combining dynamic and static program analysis to enforce security in a sound and rather precise fashion. In our framework, each thread is guarded by its own local monitor, and there is a single global monitor. We instantiate our monitoring framework to support rely-guarantee style reasoning about the use of shared resources, at the granularity of individual memory locations, and then specialize local monitors further to enforce flow-sensitive progress-sensitive information-flow control. Our local monitors exploit rely-guarantee-style reasoning about shared memory to achieve high precision. Soundness of rely-guarantee-style reasoning is guaranteed by all monitors cooperatively. The global monitor is invoked only when threads synchronize, and so does not needlessly restrict concurrency. We prove that our hybrid monitoring approach enforces a knowledge-based progress-sensitive non-interference security condition.

Title of Book: Proceedings of the 28th IEEE Computer Security Foundations Symposium (CSF)
Publisher: IEEE Computer Society
Uncontrolled Keywords: hybrid information-flow monitor, Language-based security, information-flow control for concurrent systems
Divisions: Profile Areas > Cybersecurity (CYSEC)
Profile Areas
Event Location: Verona, Italy
Date Deposited: 17 Aug 2017 15:40
DOI: 10.1109/CSF.2015.17
Identification Number: TUD-CS-2015-12093
Export:

Optionen (nur für Redakteure)

View Item View Item