Article

Achieving Information Flow Security through Precise Control of Effects

Authors:

William L. Harrison,

James HookAuthors Info & Claims

CSFW '05: Proceedings of the 18th IEEE workshop on Computer Security Foundations

Pages 16 - 30

https://doi.org/10.1109/CSFW.2005.6

Published: 20 June 2005 Publication History

Publisher Site

Abstract

This paper advocates a novel approach to the construction of secure software: controlling information flow and maintaining integrity via monadic encapsulation of effects. This approach is constructive, relying on properties of monads and monad transformers to build, verify, and extend secure software systems. We illustrate this approach by construction of abstract operating systems called separation kernels. Starting from a mathematicalmodel of shared-state concurrency based on monads of resumptions and state, we outline the development by stepwise refinements of separation kernels supporting Unix-like system calls, interdomain communication, and a formally verified security policy (domain separation). Because monads may be easily and safely represented within any pure, higher-order, typed functional language, the resulting system models may be directly realized within a language such as Haskell.

Cited By

View all

Hassan DSabry ALazarus RKfoury ABeal J(2013)Encoding secure information flow with restricted delegation and revocation in HaskellProceedings of the 1st annual workshop on Functional programming concepts in domain-specific languages10.1145/2505351.2505354(11-18)Online publication date: 22-Sep-2013
https://dl.acm.org/doi/10.1145/2505351.2505354
Buiras PLevy AStefan DRusso AMazières D(2013)A Library for Removing Cache-Based Attacks in Concurrent Information Flow Systems8th International Symposium on Trustworthy Global Computing - Volume 835810.1007/978-3-319-05119-2_12(199-216)Online publication date: 30-Aug-2013
https://dl.acm.org/doi/10.1007/978-3-319-05119-2_12
Terei DMarlow SPeyton Jones SMazières D(2012)Safe haskellACM SIGPLAN Notices10.1145/2430532.236452447:12(137-148)Online publication date: 13-Sep-2012
https://dl.acm.org/doi/10.1145/2430532.2364524
Show More Cited By

Index Terms

Achieving Information Flow Security through Precise Control of Effects
1. Security and privacy
  1. Systems security
    1. Information flow control
    2. Operating systems security
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Achieving information flow security through monadic control of effects
18th IEEE Computer Security Foundations Symposium (CSF 18)

This paper advocates a novel approach to the construction of secure software: controlling information flow and maintaining integrity via monadic encapsulation of effects. This approach is constructive, relying on properties of monads and monad ...
Securing untrustworthy software using information flow control
A library for light-weight information-flow security in haskell
HASKELL '08

Protecting confidentiality of data has become increasingly important for computing systems. Information-flow techniques have been developed over the years to achieve that purpose, leading to special-purpose languages that guarantee information-flow ...

Comments

Information & Contributors

Information

Published In

CSFW '05: Proceedings of the 18th IEEE workshop on Computer Security Foundations

June 2005

290 pages

ISBN:0769523404

Publisher

IEEE Computer Society

United States

Publication History

Published: 20 June 2005

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

16
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Hassan DSabry ALazarus RKfoury ABeal J(2013)Encoding secure information flow with restricted delegation and revocation in HaskellProceedings of the 1st annual workshop on Functional programming concepts in domain-specific languages10.1145/2505351.2505354(11-18)Online publication date: 22-Sep-2013
https://dl.acm.org/doi/10.1145/2505351.2505354
Buiras PLevy AStefan DRusso AMazières D(2013)A Library for Removing Cache-Based Attacks in Concurrent Information Flow Systems8th International Symposium on Trustworthy Global Computing - Volume 835810.1007/978-3-319-05119-2_12(199-216)Online publication date: 30-Aug-2013
https://dl.acm.org/doi/10.1007/978-3-319-05119-2_12
Terei DMarlow SPeyton Jones SMazières D(2012)Safe haskellACM SIGPLAN Notices10.1145/2430532.236452447:12(137-148)Online publication date: 13-Sep-2012
https://dl.acm.org/doi/10.1145/2430532.2364524
Terei DMarlow SPeyton Jones SMazières DVoigtländer J(2012)Safe haskellProceedings of the 2012 Haskell Symposium10.1145/2364506.2364524(137-148)Online publication date: 13-Sep-2012
https://dl.acm.org/doi/10.1145/2364506.2364524
Stefan DRusso AMitchell JMazières D(2011)Flexible dynamic information flow control in HaskellACM SIGPLAN Notices10.1145/2096148.203468846:12(95-106)Online publication date: 22-Sep-2011
https://dl.acm.org/doi/10.1145/2096148.2034688
Stefan DRusso AMitchell JMazières DClaessen K(2011)Flexible dynamic information flow control in HaskellProceedings of the 4th ACM symposium on Haskell10.1145/2034675.2034688(95-106)Online publication date: 22-Sep-2011
https://dl.acm.org/doi/10.1145/2034675.2034688
Snyder MAlexander P(2010)Monad factoryProceedings of the 11th international conference on Trends in functional programming10.5555/2035141.2035154(198-213)Online publication date: 17-May-2010
https://dl.acm.org/doi/10.5555/2035141.2035154
Harrison WProcter AAgron JKimmell GAllwein G(2009)Model-Driven Engineering from Modular Monadic SemanticsProceedings of the IFIP TC 2 Working Conference on Domain-Specific Languages10.1007/978-3-642-03034-5_2(20-44)Online publication date: 2-Jul-2009
https://dl.acm.org/doi/10.1007/978-3-642-03034-5_2
Kariotis PProcter AHarrison W(2008)Making monads first-class with template haskellACM SIGPLAN Notices10.1145/1543134.141130044:2(99-110)Online publication date: 25-Sep-2008
https://dl.acm.org/doi/10.1145/1543134.1411300
Russo AClaessen KHughes J(2008)A library for light-weight information-flow security in haskellACM SIGPLAN Notices10.1145/1543134.141128944:2(13-24)Online publication date: 25-Sep-2008
https://dl.acm.org/doi/10.1145/1543134.1411289
Show More Cited By

Abstract

Cited By

Index Terms

Recommendations

Achieving information flow security through monadic control of effects

Securing untrustworthy software using information flow control

A library for light-weight information-flow security in haskell

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations