| [irlsod16] | Joachim Breitner, Jürgen Graf, Martin Hecker, Martin Mohr, Gregor Snelting, On Improvements Of Low-Deterministic Security, Piessens, Frank and Vigan{\`o}, Luca (Ed.), Principles of Security and Trust - 5th International Conference, POST
2016, Held as Part of the European Joint Conferences on Theory and
Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April
2-8, 2016, Proceedings, pp. 68--88, Springer Berlin Heidelberg, 2016.
|
Abstract
Low-security observable determinism (LSOD), as introduced by Roscoe and Zdancewic,
is the simplest criterion which guar- antees probabilistic noninterference for concurrent
programs. But LSOD prohibits any, even secure low-nondeterminism. Giffhorn developed
an improvement, named RLSOD, which allows some secure low-nondeterminism, and can handle
full Java with high precision.
In this paper, we describe a new generalization of RLSOD. By applying aggressive program
analysis, in particular dominators for multi-threaded programs, precision can be boosted
and false alarms minimized. We explain details of the new algorithm, and provide a soundness
proof. The improved RLSOD is integrated into the JOANA tool; a case study is described. We
thus demonstrate that low-deterministic security is a highly precise and practically mature
software security analysis method.
Download
Original article available at springerlink.com.
BibTeX
Authors at the institute
Projects
