DOI: 10.1007/978-3-319-03542-0_16

Paragon for Practical Programming with Information-Flow Control

Published: 09 December 2013

Abstract

Conventional security policies for software applications are adequate for managing concerns on the level of access control. But standard abstraction mechanisms of mainstream programming languages are not sufficient to express how information is allowed to flow between resources once access to them has been obtained. In practice we believe that such control, information flow control, is needed to manage the end-to-end security properties of applications.
In this paper we present Paragon, a Java-based language with first-class support for static checking of information flow control policies. Paragon policies are specified in a logic-based policy language. By virtue of their explicitly stateful nature, these policies appear to be more expressive and flexible than those used in previous languages with information-flow support.
Our contribution is to present the design and implementation of Paragon, which smoothly integrates the policy language with Java's object-oriented setting, and reaps the benefits of the marriage with a fully fledged programming language.
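As an added illustration (not code from the Paragon paper or the Paragon implementation, whose lock-based, stateful policy language is far richer than this), the following Python sketches the distinction the abstract draws: every program below is permitted by access control to read a secret, and a two-level static checker then decides where that value may subsequently flow. The toy AST, the LOW/HIGH lattice, the `Declassify` escape hatch and the sample programs are all constructed for this example; Paragon itself is Java-based and this sketch does not model its policies.

```python
# Added illustration: a toy static information-flow checker over the two-point
# lattice LOW < HIGH (Denning-style). NOT Paragon's checker or policy language;
# the AST, labels and sample programs below are constructed for this example.
from dataclasses import dataclass, field
from typing import Any, Dict, List, Tuple

LOW, HIGH = 0, 1                      # LOW may flow to HIGH, never the reverse
NAME = {LOW: "LOW", HIGH: "HIGH"}


def join(a: int, b: int) -> int:
    """Least upper bound in the two-point lattice."""
    return max(a, b)


# --- a minimal imperative AST (constructed for the example) -----------------
@dataclass
class Const:
    value: int

@dataclass
class Var:
    name: str

@dataclass
class BinOp:                          # arithmetic or comparison; operator irrelevant
    left: Any
    right: Any

@dataclass
class Declassify:                     # explicit, reviewable HIGH -> LOW downgrade
    expr: Any

@dataclass
class Assign:
    target: str
    expr: Any

@dataclass
class If:
    cond: Any
    then: List[Any]
    orelse: List[Any] = field(default_factory=list)


class FlowViolation(Exception):
    pass


def expr_label(e: Any, env: Dict[str, int]) -> int:
    """Label of an expression = join of the labels of everything it reads."""
    if isinstance(e, Const):
        return LOW
    if isinstance(e, Var):
        return env[e.name]
    if isinstance(e, BinOp):
        return join(expr_label(e.left, env), expr_label(e.right, env))
    if isinstance(e, Declassify):
        return LOW                    # the one sanctioned way down the lattice
    raise TypeError(f"unknown expression {e!r}")


def check_stmt(s: Any, env: Dict[str, int], pc: int) -> None:
    """pc is the label of the control context; it taints every write made
    under a HIGH branch, which is what catches implicit flows."""
    if isinstance(s, Assign):
        src, dst = join(pc, expr_label(s.expr, env)), env[s.target]
        if src > dst:
            raise FlowViolation(
                f"{NAME[src]} data written to {NAME[dst]} variable {s.target!r}")
    elif isinstance(s, If):
        inner_pc = join(pc, expr_label(s.cond, env))
        for t in s.then + s.orelse:   # both arms run under the raised pc
            check_stmt(t, env, inner_pc)
    else:
        raise TypeError(f"unknown statement {s!r}")


def check(program: List[Any], env: Dict[str, int]) -> Tuple[bool, str]:
    """Accept or reject a whole program; labels are fixed per variable."""
    try:
        for s in program:
            check_stmt(s, env, LOW)
        return True, "ok"
    except FlowViolation as ex:
        return False, str(ex)


# Access control lets every program here *read* `secret`; the checker decides
# where that value may subsequently *flow*. Labels are constructed.
ENV = {"secret": HIGH, "tmp": HIGH, "public": LOW}

EXPLICIT_LEAK = [Assign("public", Var("secret"))]
IMPLICIT_LEAK = [If(BinOp(Var("secret"), Const(0)),
                    [Assign("public", Const(1))],
                    [Assign("public", Const(0))])]
LAUNDERED = [Assign("tmp", Var("secret")), Assign("public", Var("tmp"))]
UPWARD = [Assign("tmp", BinOp(Var("public"), Const(1)))]
DECLASSIFIED = [Assign("public", Declassify(BinOp(Var("secret"), Const(1))))]

PROGRAMS = {"explicit": EXPLICIT_LEAK, "implicit": IMPLICIT_LEAK,
            "laundered": LAUNDERED, "upward": UPWARD,
            "declassified": DECLASSIFIED}


def verdicts() -> Dict[str, bool]:
    """Name -> accepted? for every sample program."""
    return {name: check(prog, ENV)[0] for name, prog in PROGRAMS.items()}


if __name__ == "__main__":
    for name, prog in PROGRAMS.items():
        ok, msg = check(prog, ENV)
        print(f"{name:12s} {'ACCEPT' if ok else 'REJECT'}  {msg}")
```

The three rejected programs are exactly the cases an access-control check cannot see: a direct copy, a copy through an intermediate variable, and an implicit flow where only control dependence carries the secret. The program-counter label is what makes the implicit case fail, and `Declassify` is the single audited point at which data may move down the lattice; in a real security-typed language that downgrade is constrained by policy rather than being unconditional as it is here.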



    Published In

    Proceedings of the 11th Asian Symposium on Programming Languages and Systems - Volume 8301
    December 2013, 380 pages
    ISBN: 9783319035413

    Publisher

    Springer-Verlag, Berlin, Heidelberg


    Author Tags

    1. information flow
    2. static enforcement

    Cited By

    • (2023) Verifying Indistinguishability of Privacy-Preserving Protocols. Proceedings of the ACM on Programming Languages 7(OOPSLA2), 1442-1469. DOI 10.1145/3622849. Online: 16 Oct 2023
    • (2021) Viaduct: an extensible, optimizing compiler for secure distributed programs. Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation, 740-755. DOI 10.1145/3453483.3454074. Online: 19 Jun 2021
    • (2020) RIF. Journal of Computer Security 28(2), 191-228. DOI 10.3233/JCS-191316. Online: 1 Jan 2020
    • (2019) From fine- to coarse-grained dynamic information flow control and back. Proceedings of the ACM on Programming Languages 3(POPL), 1-31. DOI 10.1145/3290389. Online: 2 Jan 2019
    • (2019) Uncovering Information Flow Policy Violations in C Programs (Extended Abstract). Computer Security – ESORICS 2019, 26-46. DOI 10.1007/978-3-030-29962-0_2. Online: 23 Sep 2019
    • (2018) A Better Facet of Dynamic Information Flow Control. Companion Proceedings of The Web Conference 2018, 731-739. DOI 10.1145/3184558.3185979. Online: 23 Apr 2018
    • (2016) Progress-Sensitive Security for SPARK. Proceedings of the 8th International Symposium on Engineering Secure Software and Systems - Volume 9639, 20-37. DOI 10.1007/978-3-319-30806-7_2. Online: 6 Apr 2016
    • (2015) HLIO: mixing static and dynamic typing for information-flow control in Haskell. ACM SIGPLAN Notices 50(9), 289-301. DOI 10.1145/2858949.2784758. Online: 29 Aug 2015
    • (2015) Dynamic Enforcement of Dynamic Policies. Proceedings of the 10th ACM Workshop on Programming Languages and Analysis for Security, 28-41. DOI 10.1145/2786558.2786563. Online: 4 Jul 2015
    • (2015) Short Paper. Proceedings of the 10th ACM Workshop on Programming Languages and Analysis for Security, 43-48. DOI 10.1145/2786558.2786561. Online: 4 Jul 2015