Advanced Search
CS Search Google Search
Subscribers, please login

Published Articles >> Table of Contents >> Abstract

16th IEEE Computer Security Foundations Workshop (CSFW'03)   p. 29
Observational Determinism for Concurrent Program Security
Steve Zdancewic, University of Pennsylvania
Andrew C. Myers, Cornell University
Full Article Text: Download PDF of full textBuy this articleGet full text from IEEE Xplore

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSFW.2003.1212703
Send link to a friend

Abstract
Noninterference is a property of sequential programs that is useful for expressing security policies for data confidentiality and integrity. However, extending noninterference to concurrent programs has proved problematic. In this paper we present a relatively expressive secure concurrent language. This language, based on existing concurrent calculi, provides first-class channels, higher-order functions, and an unbounded number of threads. Well-typed programs obey a generalization of noninterference that ensures immunity to internal timing attacks and to attacks that exploit information about the thread scheduler. Elimination of these refinement attacks is possible because the enforced security property extends noninterference with observational determinism. Although the security property is strong, it also avoids some of the restrictiveness imposed on previous security-typed concurrent languages.
Additional Information

Citation:  Steve Zdancewic, Andrew C. Myers, "Observational Determinism for Concurrent Program Security," csfw, p. 29,  16th IEEE Computer Security Foundations Workshop (CSFW'03),  2003

Similar Articles

Abstract Contents
Abstract
Citation

Download Citation
Ascii Text
BibTex
RefWorks
Procite/RefMan/Endnote




Free access to

  • Abstracts
  • Selected PDFs

Electronic subscribers login to:

  • Access HTML/PDFs of full text articles

Subscription information

Get a Web account

PDFs require Adobe Acrobat Reader.

Peer Review Notice

Give us Feedback