Noninterference through Secure Multi-execution

A program is defined to be noninterferent if its outputs cannot be influenced by inputs at a higher security level than their own. Various researchers have demonstrated how this property (or closely related properties) can be achieved through information flow analysis, using either a static analysis (with a type system or otherwise), or using a dynamic monitoring system. We propose an alternative approach, based on a technique we call secure multi-execution. The main idea is to execute a program multiple times, once for each security level, using special rules for I/O operations. Outputs are only produced in the execution linked to their security level. Inputs are replaced by default inputs except in executions linked to their security level or higher. Input side effects are supported by making higher-security-level executions reuse inputs obtained in lower-security-level threads. We show that this approach is interesting from both a theoretical and practical viewpoint. Theoretically, ...
Dominique Devriese, Frank Piessens
Added 15 Feb 2011
Updated 15 Feb 2011
Type: Journal
Year: 2010
Where: SP
Authors: Dominique Devriese, Frank Piessens
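
The I/O rules described in the abstract, as an added Python sketch that is not code from the paper or its authors. It assumes a two-level lattice (L below H), a default input of 0, hypothetical channel names, and per-level executions run sequentially from low to high in place of a thread scheduler.

```python
LEVELS = ["L", "H"]   # two-point lattice, low to high (assumed for this sketch)
DEFAULT = 0           # assumed default substituted for inputs an execution may not see

class LevelIO:
    """I/O rules applied to the execution linked to one security level."""
    def __init__(self, level, chan_level, sources, log, outputs):
        self.level, self.chan_level = level, chan_level
        self.sources, self.log, self.outputs = sources, log, outputs
        self.cursor = {}                          # index of last read, per channel

    def read(self, chan):
        rank, mine = LEVELS.index(self.chan_level[chan]), LEVELS.index(self.level)
        if rank > mine:
            return DEFAULT                        # higher-level input: default only
        i = self.cursor[chan] = self.cursor.get(chan, -1) + 1
        seen = self.log.setdefault(chan, [])
        if rank == mine:
            seen.append(self.sources[chan].pop(0))    # the single real input
        elif i >= len(seen):
            # A threaded scheduler could wait here; this sequential sketch fails instead.
            raise RuntimeError("lower-level execution never read " + chan)
        return seen[i]                            # lower-level input is reused

    def write(self, chan, value):
        if self.chan_level[chan] == self.level:   # output only at its own level
            self.outputs.setdefault(chan, []).append(value)

def secure_multi_execute(program, chan_level, sources):
    sources = {c: list(v) for c, v in sources.items()}   # do not mutate caller data
    log, outputs = {}, {}
    for level in LEVELS:                          # sequential, lowest level first
        program(LevelIO(level, chan_level, sources, log, outputs))
    return outputs

# Constructed sample: channel labels and a program with explicit and implicit leaks.
CHANNELS = {"user": "L", "pin": "H", "net": "L", "vault": "H"}

def leaky(io):
    name, pin = io.read("user"), io.read("pin")
    io.write("net", (name, pin % 10))             # explicit flow H -> L
    if pin > 5000:
        io.write("net", "big pin")                # implicit flow H -> L
    io.write("vault", (name, pin))

def run(pin):
    return secure_multi_execute(leaky, CHANNELS, {"user": ["alice"], "pin": [pin]})

if __name__ == "__main__":
    print(run(7311))   # the "net" output is computed from the default pin only
    print(run(1234))
```

Changing the high input changes only the `vault` output; the `net` output is the same for every pin because the low execution never sees the real value.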