DocumentCode
1565448
Title
Statically Checking Confidentiality of Shared Memory Programs with Dynamic Labels
Author
Volp, Marcus
Author_Institution
Dept. of Comput. Sci., Tech. Univ. Dresden, Dresden
fYear
2008
Firstpage
268
Lastpage
275
Abstract
At WITS 2005, Warmer et al. published an algorithm to statically check confidentiality of programs with dynamic labels. Unlike prior approaches, their method allows for temporary breaches of confidentiality. However, they share the commonly made assumption that programs run entirely in private memory. Thus, interaction with and observation of the checked program is restricted to program start and termination respectively. This paper extends Warnier´s approach in two fundamental aspects: shared memory and synchronisation. Through shared memory other programs may observe and interact with the checked program at memory-access granularity. Synchronisation renders parts of the shared memory inaccessible to those programs which adhere to the locking policy. We provide a mechanically-checked soundness proof and show the effectiveness of a countermeasure to the AES cache side-channel attack.
Keywords
cache storage; concurrency control; cryptography; program diagnostics; program verification; shared memory systems; synchronisation; AES cache side-channel attack; concurrency control; dynamic label; locking policy; mechanically-checked soundness proof; memory-access granularity; program synchronisation; shared-memory program; static confidentiality checking; Availability; Computer security; Concrete; Cryptography; Information security; Labeling; Network servers; Virtual manufacturing; Voice mail; Workstations; information flow; language-based security;
fLanguage
English
Publisher
ieee
Conference_Titel
Availability, Reliability and Security, 2008. ARES 08. Third International Conference on
Conference_Location
Barcelona
Print_ISBN
978-0-7695-3102-1
Type
conf
DOI
10.1109/ARES.2008.56
Filename
4529347
Link To Document