DOI: 10.1145/503272.503302

Information flow inference for ML

Published: 01 January 2002

Abstract

This paper presents a type-based information flow analysis for a call-by-value λ-calculus equipped with references, exceptions and let-polymorphism, which we refer to as Core ML. The type system is constraint-based and has decidable type inference. Its non-interference proof is reasonably lightweight, thanks to the use of a number of orthogonal techniques. First, a syntactic segregation between values and expressions allows a lighter formulation of the type system. Second, non-interference is reduced to subject reduction for a non-standard language extension. Lastly, a semi-syntactic approach to type soundness allows dealing with constraint-based polymorphism separately.


    Published In

    POPL '02: Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
    January 2002
    351 pages
    ISBN: 1581134509
    DOI: 10.1145/503272
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.

    Publisher

    Association for Computing Machinery

    New York, NY, United States


    Qualifiers

    • Article

    Conference

    POPL02

    Acceptance Rates

    POPL '02 Paper Acceptance Rate 28 of 128 submissions, 22%;
    Overall Acceptance Rate 824 of 4,130 submissions, 20%

    Article Metrics

    • Downloads (Last 12 months): 97
    • Downloads (Last 6 weeks): 3
    Reflects downloads up to 24 Dec 2024

    Cited By

    • (2024) Vulnerability Flow Type Systems. 2024 IEEE Security and Privacy Workshops (SPW), pp. 157-168. DOI: 10.1109/SPW63631.2024.00020. Online publication date: 23-May-2024
    • (2024) OBRA: Oracle-Based, Relational, Algorithmic Type Verification. Programming Languages and Systems, pp. 283-302. DOI: 10.1007/978-981-97-8943-6_14. Online publication date: 28-Oct-2024
    • (2023) Flow-limited authorization for consensus, replication, and secret sharing. Journal of Computer Security 31:5, pp. 615-645. DOI: 10.3233/JCS-230048. Online publication date: 13-Oct-2023
    • (2023) Generalized Policy-Based Noninterference for Efficient Confidentiality-Preservation. Proceedings of the ACM on Programming Languages 7:PLDI, pp. 267-291. DOI: 10.1145/3591231. Online publication date: 6-Jun-2023
    • (2023) Towards the Complexity Analysis of Programming Language Proof Methods. Theoretical Aspects of Computing – ICTAC 2023, pp. 100-118. DOI: 10.1007/978-3-031-47963-2_8. Online publication date: 4-Dec-2023
    • (2022) ANOSY: approximated knowledge synthesis with refinement types for declassification. Proceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation, pp. 15-30. DOI: 10.1145/3519939.3523725. Online publication date: 9-Jun-2022
    • (2022) Software Side Channel Vulnerability Detection Based on Similarity Calculation and Deep Learning. 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 800-809. DOI: 10.1109/TrustCom56396.2022.00112. Online publication date: Dec-2022
    • (2021) Viaduct: an extensible, optimizing compiler for secure distributed programs. Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation, pp. 740-755. DOI: 10.1145/3453483.3454074. Online publication date: 19-Jun-2021
    • (2021) Giving semantics to program-counter labels via secure effects. Proceedings of the ACM on Programming Languages 5:POPL, pp. 1-29. DOI: 10.1145/3434316. Online publication date: 4-Jan-2021
    • (2020) Liquid information flow control. Proceedings of the ACM on Programming Languages 4:ICFP, pp. 1-30. DOI: 10.1145/3408987. Online publication date: 3-Aug-2020
