Abstract

We demonstrate that a practical concurrent language can be extended in a natural way with information security mechanisms that provably enforce strong information security guarantees. We extend the X10 concurrent programming language with coarse-grained information-flow control. Central to X10 concurrency abstractions is the notion of a place: a container for data and computation. We associate a security level with each place, and restrict each place to store only data appropriate for that security level. When places interact only with other places at the same security level, then our security mechanisms impose no restrictions. When places of differing security levels interact, our information security analysis prevents potentially dangerous information flows, including information flow through covert scheduling channels. The X10 concurrency mechanisms simplify reasoning about information flow in concurrent programs. We present a static analysis that enforces a noninterference-based extensional information security condition in a calculus that captures the key aspects of X10's place abstraction and async-finish parallelism. We extend this security analysis to support many of X10's language features, and have implemented a prototype compiler for the resulting language.

Highlights

  • Enforcement of strong information security guarantees for concurrent programs poses both a challenge and an opportunity

  • We have extended the X10 concurrent programming language with coarse-grained information-flow control

  • Each place is associated with a security level, and may only handle data that is appropriate for the security level


Summary

Introduction

Interaction between places may influence the scheduling of activities at a place, leading to potential covert information channels; our security analysis tracks and controls these covert channels. We believe that this coarse-grained approach to providing information security in concurrent programs is simple, practical, and useful. Our security analysis requires such observational determinism when the resolution of nondeterminism may reveal high-security information. It is possible to allow some observable nondeterminism within a secure concurrent program. When places of differing security interact, our information security analysis prevents potentially dangerous information flows by using X10’s concurrency mechanisms to reason both about data sent between places, and about how the scheduling of activities at a place may depend on high-security information.
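An added example (not code from the paper or the SX10 prototype) of the coarse-grained idea summarized above: every place carries one security level, and each cross-place interaction is checked against those levels, for data flows and for scheduling influence alike. The two-level lattice, the place names, the operation kinds and the conservative treatment of spawn and await as scheduling flows are assumptions of this example, not the paper's typing rules.

```python
from dataclasses import dataclass

# Assumed two-point lattice: information may flow from low to high, never back.
LEVELS = {"low": 0, "high": 1}

# For each interaction kind, which side is the origin of the information and
# which side can observe it. Assumed, conservative modelling for illustration.
FLOW = {
    "send":  ("src", "dst", "explicit flow: data stored at destination place"),
    "spawn": ("src", "dst", "scheduling channel: activity start depends on source"),
    "await": ("dst", "src", "scheduling channel: waiter observes completion time"),
}

@dataclass(frozen=True)
class Op:
    kind: str  # "send", "spawn" (async at dst) or "await" (finish on dst activity)
    src: str   # place executing the operation
    dst: str   # place the operation targets

def check(places, ops):
    """Return (op, reason) for every interaction that moves information downward."""
    violations = []
    for op in ops:
        origin_attr, sink_attr, reason = FLOW[op.kind]  # KeyError on unknown kinds
        origin, sink = getattr(op, origin_attr), getattr(op, sink_attr)
        # Same-level and upward flows pass; only high -> low is rejected.
        if LEVELS[places[origin]] > LEVELS[places[sink]]:
            violations.append((op, reason))
    return violations

# Constructed sample: three places and six interactions between them.
PLACES = {"ui": "low", "logger": "low", "vault": "high"}
PROGRAM = [
    Op("send", "ui", "logger"),      # same level: unrestricted
    Op("send", "ui", "vault"),       # low data may be stored at a high place
    Op("spawn", "ui", "vault"),      # low place starts work at a high place
    Op("await", "ui", "vault"),      # low place would learn when high work ends
    Op("send", "vault", "ui"),       # high data would land at a low place
    Op("spawn", "vault", "logger"),  # low schedule would depend on high state
]

if __name__ == "__main__":
    for op, reason in check(PLACES, PROGRAM):
        print(f"REJECT {op.kind} {op.src}->{op.dst}: {reason}")
```
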

FSX10: a secure parallel calculus
Syntax
Scheduling
Operational semantics
Program execution
Security
Defining security
Enforcing security
SX10 prototype implementation
Example programs
Related work
Conclusion