
Information erasure and declassification security policy for multithreaded programs (Cited by: 5)

Security policy for information erasing and leaking in multithreaded codes
Abstract: In a multithreaded environment, sensitive information is often deliberately released by real applications, and sometimes information needs to become more confidential. To address this situation, a security policy is defined in the style of strong bisimulation equivalence that can handle both information declassification (leaking) and erasure. The policy controls what information is released and guarantees that attackers cannot exploit the release mechanism to learn more sensitive data than intended; it also ensures that public data, once erased, cannot be abused by attackers. A secure transforming type system is then proposed to enforce the policy using the cross-copying technique, which eliminates internal timing covert channels arising from the interleaving of competing threads. The transforming type system turns an insecure program into a secure one, closing its information leaks, while the resulting program keeps the same structure and the same timing behaviour as the original. Finally, the soundness of the type system is proved with respect to the operational semantics: if a program can be transformed according to the typing rules, the resulting program satisfies the security policy.
Source: Journal of Zhejiang University: Engineering Science (浙江大学学报(工学版)), 2010, No. 5, pp. 854-862 (9 pages). Indexed in EI, CAS, CSCD; Peking University core journal.
Funding: National High-Tech R&D Program of China ("863" Program) (2006AA01Z431); National Key Technology R&D Program of the "11th Five-Year Plan" (2008BAH21B03); Zhejiang Provincial Science and Technology Program (2007L11068).
Keywords: multithreaded language; type system; security model.