3/14/2016 8:37 PM Information Flow Epilog James Hook CS 591: Introduction to Computer Security.

Slides:



Advertisements
Similar presentations
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Advertisements

8/11/2006PCC Toward More Typed Assembly Languages for Confidentiality Dachuan Yu DoCoMo USA Labs.
Security of Multithreaded Programs by Compilation Tamara Rezk INDES Project, INRIA Sophia Antipolis Mediterranee Joint work with Gilles Barthe, Alejandro.
Information Flow and Covert Channels November, 2006.
Challenges for Information-flow Security* Steve Zdancewic University of Pennsylvania * This talk is an attempt to be provocative and controversial.
An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.
Current Techniques in Language-based Security David Walker COS 597B With slides stolen from: Steve Zdancewic University of Pennsylvania.
Untrusted Hosts and Confidentiality: Secure Program Partitioning Steve Zdancewic Lantian Zheng Nathaniel Nystrom Andrew Myers Cornell University.
Towards Static Flow-based Declassification for Legacy and Untrusted Programs Bruno P. S. Rocha Sruthi Bandhakavi Jerry den Hartog William H. Winsborough.
Counting the bits Analysis of Algorithms Will it run on a larger problem? When will it fail?
Current Techniques in Language-based Security David Walker COS 597B With slides stolen from: Steve Zdancewic University of Pennsylvania.
Department of Mechanical Engineering ME 322 – Mechanical Engineering Thermodynamics Lecture 19 Calculation of Entropy Changes.
Ashish Kundu CS590F Purdue 02/12/07 Language-Based Information Flow Security Andrei Sabelfield, Andrew C. Myers Presentation: Ashish Kundu
Language-based Security: Information Flow Control 18739A: Foundations of Security and Privacy Anupam Datta Fall 2009.
Introduction to Computer Programming in C
The Essence of Command Injection Attacks in Web Applications Zhendong Su and Gary Wassermann Present by Alon Kremer April 2011.
CS 581: Introduction to the Theory of Computation Lecture 1 James Hook Portland State University
Privacy Issues in Disclosing Averages Susmit Sarkar(CMU)
Information Flow, Security and Programming Languages Steve Steve Zdancewic.
Steve Zdancewic ESOP011 Secure Information Flow and CPS Steve Zdancewic Joint work with Andrew Myers Cornell University.
1 Enforcing Confidentiality in Low-level Programs Andrew Myers Cornell University.
6/18/2015 4:21 AM Information Flow James Hook CS 591: Introduction to Computer Security.
Decentralized Robustness Stephen Chong Andrew C. Myers Cornell University CSFW 19 July 6 th 2006.
6/20/2015 7:37 PM Lecture 5: Integrity Models James Hook CS 591: Introduction to Computer Security.
6/20/ :09 PM Information Flow James Hook CS 591: Introduction to Computer Security.
CS Master – Introduction to the Theory of Computation Jan Maluszynski - HT Lecture 1 Introduction Jan Maluszynski, IDA, 2007
Polyglot: An Extensible Compiler Framework for Java Nathaniel Nystrom, Michael R. Clarkson, and Andrew C. Myers Presentation by Aaron Kimball & Ben Lerner.
Robust Declassification Steve Zdancewic Andrew Myers Cornell University.
C++ for Engineers and Scientists Third Edition
CS 581: Introduction to the Theory of Computation Lecture 1 James Hook Portland State University
7/16/2015 3:58 AM Lecture 4: Bell LaPadula James Hook CS 591: Introduction to Computer Security.
Automatic Implementation of provable cryptography for confidentiality and integrity Presented by Tamara Rezk – INDES project - INRIA Joint work with: Cédric.
Secure Web Applications via Automatic Partitioning Stephen Chong, Jed Liu, Andrew C. Meyers, Xin Qi, K. Vikram, Lantian Zheng, Xin Zheng. Cornell University.
ECE 720T5 Winter 2014 Cyber-Physical Systems Rodolfo Pellizzoni.
Language-Based Information-Flow Security Richard Mancusi CSCI 297.
Introduction to Course MMIS 656 Web Design Technologies.
Containment and Integrity for Mobile Code Security policies as types Andrew Myers Fred Schneider Department of Computer Science Cornell University.
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Language-Based Information- Flow Security Andrei Sabelfeld.
1 Chapter 4: Selection Structures. In this chapter, you will learn about: – Selection criteria – The if-else statement – Nested if statements – The switch.
Computer Security: Principles and Practice
ECE 103 Engineering Programming Chapter 1 Introduction Herbert G. Mayer, PSU CS Status 6/19/2015 Initial content copied verbatim from ECE 103 material.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 5 – Database Security.
Containment and Integrity for Mobile Code End-to-end security, untrusted hosts Andrew Myers Fred Schneider Department of Computer Science Cornell University.
CS 345: Chapter 8 Noncomputability and Undecidability Or Sometimes You Can’t Get It Done At All.
SECURE WEB APPLICATIONS VIA AUTOMATIC PARTITIONING S. Chong, J. Liu, A. C. Myers, X. Qi, K. Vikram, L. Zheng, X. Zheng Cornell University.
Solving a System of Equations by SUBSTITUTION. GOAL: I want to find what x equals, and what y equals. Using substitution, I can say that x = __ and y.
Security CS Introduction to Operating Systems.
11/26/2015 9:14 AM Midterm Grading Comments James Hook CS 591: Introduction to Computer Security.
CS453: Introduction to Information Security for E-Commerce Prof. Tom Horton.
A Lattice Model of Secure Information Flow By Dorothy E. Denning Presented by Drayton Benner March 22, 2000.
1 Intro to Artificial Intelligence COURSE # CSC384H1F Fall 2008 Sonya Allin Note: many slides drawn from/inspired by Andrew Moore’s lectures at CMU and.
CMPSC 16 Problem Solving with Computers I Spring 2014 Instructor: Tevfik Bultan Lecture 4: Introduction to C: Control Flow.
B. Prabhakaran1 Multimedia Systems Reference Text “Multimedia Database Management Systems” by B. Prabhakaran, Kluwer Academic Publishers. – Kluwer bought.
Certification of Programs for Secure Information Flow Dorothy & Peter Denning Communications of the ACM (CACM) 1977.
Language-Based Information- Flow Security (Sabelfeld and Myers) “Practical methods for controlling information flow have eluded researchers for some time.”
C++ for Engineers and Scientists Second Edition Chapter 4 Selection Structures.
LECTURE 10 Semantic Analysis. REVIEW So far, we’ve covered the following: Compilation methods: compilation vs. interpretation. The overall compilation.
8 – Protecting Data and Security
Objectives Add and subtract rational expressions.
Paper Reading Group:. Language-Based Information-Flow Security. A
Chapter 10: Mathematical proofs
Information Security CS 526
Foundations for Algebra
Information Security CS 526
Flowcharts and Pseudo Code
Test Administrators Last updated: 08/20/09.
Information Security CS 526
Review of Previous Lesson
Foundations for Algebra
Presentation transcript:

3/14/2016 8:37 PM Information Flow Epilog James Hook CS 591: Introduction to Computer Security

3/14/2016 8:37 PM Last time: Information flow security –Denning and Denning as presented in Chapter 15 –Flow Caml “nutshell” paper Compilation can be made aware of confidentiality levels –Levels must be identified –Levels can be tracked through computational effects: environment, state, control, exceptions, concurrency (Not shown in Flow Caml)

3/14/2016 8:37 PM Does it work? Theoretical results –Volpano, Irvine and Smith (JCS ‘96) showed Soundness “If an expression e can be given a type  in our system, then Simple Security says … that only variables at level  or lower in e will have their contents read when e is evaluated (no read up)…. On the other hand, if a command c can be given a type  cmd then Confinement says … that no variable below level  is updated in c (no write down).” –Using modern language theory the techniques in Flow Caml and similar systems can be proven sound

3/14/2016 8:37 PM Does it work? In practice it is not broadly adopted –Technical issue is the complexity of managing policy –I suspect there are social issues as well … the technical issues are not show stoppers

3/14/2016 8:37 PM Recall Consider an example (in no particular language) Assume H is high and L is Low H = readHighDatabase() L = readLowUserInput() If f(H,L) then printLow “Success” else printLow “Fail”

3/14/2016 8:37 PM But!!! Consider an example (in no particular language) We do this every day! H = readHighDatabase(“passwd”) L = readLowUserInput() If checkPassword(H,L) then printLow “Success” else printLow “Fail”

3/14/2016 8:37 PM Password checking paradox Why shouldn’t we allow someone to write the password program? Why should we?

3/14/2016 8:37 PM Policy The password paradox is solved by explicit policy Similar issues arise with crypto algorithms –LoCypher = encrypt (HighClear, goodKey) Cf. –LoCypher = encrypt (HighClear, badKey)

3/14/2016 8:37 PM FlowCaml and Policy FlowCaml solves the policy problem by dividing the program into two parts: –Flow caml portion (.fml), with all flows checked –Regular caml portion with an annotated interface The downgrading of encryption or password validation queries is not done within the flow-checked portion

3/14/2016 8:37 PM Policy Zdancewic uses other techniques, including explicit downgrade assertions for confidentiality Basic philosophy: uniform enforcement with explicit escape mechanism –Focus analysis on the exceptions

3/14/2016 8:37 PM Further reading Dorothy E. Denning and Peter J. Denning, Certification of Programs for Secure Information Flow, Dennis Volpano, Geoffrey Smith, and Cynthia Irvine, A Sound Type System for Secure Flow Analysis, Steve Zdancewic, Lantian Zheng, Nathaniel Nystrom, and Andrew C. Myers, Secure Program Partitioning, Andrei Sabelfeld and Andrew C. Myers, Language-based Information- Flow Security, jsac03.pdf jsac03.pdf Peng Li and Steve Zdancewic, Downgrading Policies and Relaxed Noninterference,

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.