Abstract Non-Interference: A unifying framework for weakening information flow

Giacobazzi Roberto; Mastroeni Isabella
2018-01-01

Abstract

Non-interference happens when some elements of a dynamic system do not interfere, i.e., do not affect, other elements in the same system. Originally introduced in language-based security, non-interference means that the manipulation of private information has no effect on public observations of data. In this paper we introduce abstract non-interference as a weakening of non-interference by abstract interpretation. Abstract non-interference is parametric on which private information we want to protect and which are the observational capabilities of the external observer, i.e., what the attacker can observe of a computation and of the data manipulated during the computation. This allows us to model a variety of situations in information-flow security, where the security of a system can be mastered by controlling the degree of precision of the strongest harmless attacker and the properties that are potentially leaked in case of successful attack.
2018
Abstract interpretation, abstract domains, non-interference, closure operators, semantics, program analysis, language-based security
Files in this item:
3175660.pdf (authorized users only)

Type: Publisher's version
License: Creative Commons
Size: 945.82 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11562/971298
Citations
  • PMC: ND
  • Scopus: 19
  • ISI: 13