@inproceedings{3352177890454653bb3387e9c97e3fa1,
title = "All your IFCException are belong to us",
abstract = "Existing designs for fine-grained, dynamic information-flow control assume that it is acceptable to terminate the entire system when an incorrect flow is detected - i.e, they give up availability for the sake of confidentiality and integrity. This is an unrealistic limitation for systems such as long-running servers. We identify public labels and delayed exceptions as crucial ingredients for making information-flow errors recoverable in a sound and usable language, and we propose two new error-handling mechanisms that make all errors recoverable. The first mechanism builds directly on these basic ingredients, using not-a-values (NaVs) and data flow to propagate errors. The second mechanism adapts the standard exception model to satisfy the extra constraints arising from information flow control, converting thrown exceptions to delayed ones at certain points. We prove that both mechanisms enjoy the fundamental soundness property of non-interference. Finally, we describe a prototype implementation of a full-scale language with NaVs and report on our experience building robust software components in this setting.",
keywords = "NaVs, availability, delayed exceptions, dynamic information flow control, error recovery, exception handling, fine-grained labeling, not-a-values, programming-language design, public labels, reliability",
author = "Cǎtǎlin Hri{\c t}cu and Michael Greenberg and Ben Karel and Pierce, {Benjamin C.} and Greg Morrisett",
year = "2013",
doi = "10.1109/SP.2013.10",
language = "English",
isbn = "9780769549774",
series = "Proceedings - IEEE Symposium on Security and Privacy",
pages = "3--17",
booktitle = "Proceedings - 2013 IEEE Symposium on Security and Privacy, SP 2013",
note = "34th IEEE Symposium on Security and Privacy, SP 2013 ; Conference date: 19-05-2013 Through 22-05-2013",
}