A Taxonomy of Information Flow Monitors

Nataliia Bielova 1, Tamara Rezk 1
1 INDES - Secure Diffuse Programming
CRISAM - Inria Sophia Antipolis - Méditerranée
Abstract: We propose a rigorous comparison of information flow monitors with respect to two dimensions: soundness and transparency. For soundness, we notice that the standard information flow security definition called Termination-Insensitive Noninterference (TINI) allows the presence of termination channels; however, it does not describe whether the termination channel was present in the original program or was added by a monitor. We propose a stronger notion of noninterference, which we call Termination-Aware Noninterference (TANI), that captures this fact and thus allows us to better evaluate the security guarantees of different monitors. We further investigate TANI and state its formal relations to other soundness guarantees of information flow monitors. For transparency, we identify different notions from the literature that aim at comparing the behaviour of monitors. We notice that one common notion used in the literature is not adequate, since it identifies as better a monitor that accepts insecure executions and hence may augment the knowledge of the attacker. To discriminate between monitors' behaviours on secure and insecure executions, we factorized two notions that we call true and false transparency. These notions allow us to compare monitors that were deemed to be incomparable in the past. We analyse five widely explored information flow monitors: no-sensitive-upgrade (NSU), permissive-upgrade (PU), hybrid monitor (HM), secure multi-execution (SME), and multiple facets (MF).
Document type: Conference paper
Frank Piessens ; Luca Viganò. International Conference on Principles of Security and Trust (POST 2016), Apr 2016, Eindhoven, Netherlands. Springer, International Conference on Principles of Security and Trust (POST 2016), 9635, pp.46--67, 2016, LNCS - Lecture Notes in Computer Science. 〈http://www.etaps.org/index.php/2016/post/post-programme〉. 〈10.1007/978-3-662-49635-0_3〉

Cited literature: 31 references

https://hal.inria.fr/hal-01348188
Contributor: Nataliia Bielova
Submitted on: Friday, 22 July 2016 - 15:26:23
Last modified on: Thursday, 11 January 2018 - 16:48:47

File

main.pdf
Files produced by the author(s)

Citation

Nataliia Bielova, Tamara Rezk. A Taxonomy of Information Flow Monitors. Frank Piessens ; Luca Viganò. International Conference on Principles of Security and Trust (POST 2016), Apr 2016, Eindhoven, Netherlands. Springer, International Conference on Principles of Security and Trust (POST 2016), 9635, pp.46--67, 2016, LNCS - Lecture Notes in Computer Science. 〈http://www.etaps.org/index.php/2016/post/post-programme〉. 〈10.1007/978-3-662-49635-0_3〉. 〈hal-01348188〉

Metrics

Record views

74

File downloads

45