Hypercollecting semantics and its application to static analysis of information flow

Mounir Assaf; David A. Naumann; Julien Signoles; Éric Totel; Frédéric Tronel

doi:10.1145/3009837.3009889

Hypercollecting semantics and its application to static analysis of information flow

Mounir Assaf, David A. Naumann, Julien Signoles, Éric Totel, Frédéric Tronel

Department of Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

26 Scopus citations

Abstract

We show how static analysis for secure information flow can be expressed and proved correct entirely within the framework of abstract interpretation. The key idea is to define a Galois connection that directly approximates the hyperproperty of interest. To enable use of such Galois connections, we introduce a fixpoint characterisation of hypercollecting semantics, i.e. a "set of sets" transformer. This makes it possible to systematically derive static analyses for hyperproperties entirely within the calculational framework of abstract interpretation.We evaluate this technique by deriving example static analyses. For qualitative information flow, we derive a dependence analysis similar to the logic of Amtoft and Banerjee (SAS'04) and the type system of Hunt and Sands (POPL'06). For quantitative information flow, we derive a novel cardinality analysis that bounds the leakage conveyed by a program instead of simply deciding whether it exists. This encompasses problems that are hypersafety but not k-safety. We put the framework to use and introduce variations that achieve precision rivalling the most recent and precise static analyses for information flow.

Original language	English
Title of host publication	POPL 2017 - Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages
Editors	Andrew D. Gordon, Giuseppe Castagna
Pages	874-887
Number of pages	14
ISBN (Electronic)	9781450346603
DOIs	https://doi.org/10.1145/3009837.3009889
State	Published - 1 Jan 2017
Event	44th ACM SIGPLAN Symposium on Principles of Programming Languages, POPL 2017 - Paris, France Duration: 15 Jan 2017 → 21 Jan 2017

Publication series

Name	Conference Record of the Annual ACM Symposium on Principles of Programming Languages
ISSN (Print)	0730-8566

Conference

Conference	44th ACM SIGPLAN Symposium on Principles of Programming Languages, POPL 2017
Country/Territory	France
City	Paris
Period	15/01/17 → 21/01/17

Keywords

Abstract interpretation
Hyperproperties
Information flow
Static analysis

Access to Document

10.1145/3009837.3009889

Cite this

Assaf, M., Naumann, D. A., Signoles, J., Totel, É., & Tronel, F. (2017). Hypercollecting semantics and its application to static analysis of information flow. In A. D. Gordon, & G. Castagna (Eds.), POPL 2017 - Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages (pp. 874-887). (Conference Record of the Annual ACM Symposium on Principles of Programming Languages). https://doi.org/10.1145/3009837.3009889

Assaf, Mounir ; Naumann, David A. ; Signoles, Julien et al. / Hypercollecting semantics and its application to static analysis of information flow. POPL 2017 - Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages. editor / Andrew D. Gordon ; Giuseppe Castagna. 2017. pp. 874-887 (Conference Record of the Annual ACM Symposium on Principles of Programming Languages).

@inproceedings{d5c759e43132463ba9c7e9f7015956e6,

title = "Hypercollecting semantics and its application to static analysis of information flow",

abstract = "We show how static analysis for secure information flow can be expressed and proved correct entirely within the framework of abstract interpretation. The key idea is to define a Galois connection that directly approximates the hyperproperty of interest. To enable use of such Galois connections, we introduce a fixpoint characterisation of hypercollecting semantics, i.e. a {"}set of sets{"} transformer. This makes it possible to systematically derive static analyses for hyperproperties entirely within the calculational framework of abstract interpretation.We evaluate this technique by deriving example static analyses. For qualitative information flow, we derive a dependence analysis similar to the logic of Amtoft and Banerjee (SAS'04) and the type system of Hunt and Sands (POPL'06). For quantitative information flow, we derive a novel cardinality analysis that bounds the leakage conveyed by a program instead of simply deciding whether it exists. This encompasses problems that are hypersafety but not k-safety. We put the framework to use and introduce variations that achieve precision rivalling the most recent and precise static analyses for information flow.",

keywords = "Abstract interpretation, Hyperproperties, Information flow, Static analysis",

author = "Mounir Assaf and Naumann, {David A.} and Julien Signoles and {\'E}ric Totel and Fr{\'e}d{\'e}ric Tronel",

note = "Publisher Copyright: {\textcopyright} 2017 ACM.; 44th ACM SIGPLAN Symposium on Principles of Programming Languages, POPL 2017 ; Conference date: 15-01-2017 Through 21-01-2017",

year = "2017",

month = jan,

day = "1",

doi = "10.1145/3009837.3009889",

language = "English",

series = "Conference Record of the Annual ACM Symposium on Principles of Programming Languages",

pages = "874--887",

editor = "Gordon, {Andrew D.} and Giuseppe Castagna",

booktitle = "POPL 2017 - Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages",

}

Assaf, M, Naumann, DA, Signoles, J, Totel, É & Tronel, F 2017, Hypercollecting semantics and its application to static analysis of information flow. in AD Gordon & G Castagna (eds), POPL 2017 - Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages. Conference Record of the Annual ACM Symposium on Principles of Programming Languages, pp. 874-887, 44th ACM SIGPLAN Symposium on Principles of Programming Languages, POPL 2017, Paris, France, 15/01/17. https://doi.org/10.1145/3009837.3009889

Hypercollecting semantics and its application to static analysis of information flow. / Assaf, Mounir; Naumann, David A.; Signoles, Julien et al.
POPL 2017 - Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages. ed. / Andrew D. Gordon; Giuseppe Castagna. 2017. p. 874-887 (Conference Record of the Annual ACM Symposium on Principles of Programming Languages).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Hypercollecting semantics and its application to static analysis of information flow

AU - Assaf, Mounir

AU - Naumann, David A.

AU - Signoles, Julien

AU - Totel, Éric

AU - Tronel, Frédéric

PY - 2017/1/1

Y1 - 2017/1/1

N2 - We show how static analysis for secure information flow can be expressed and proved correct entirely within the framework of abstract interpretation. The key idea is to define a Galois connection that directly approximates the hyperproperty of interest. To enable use of such Galois connections, we introduce a fixpoint characterisation of hypercollecting semantics, i.e. a "set of sets" transformer. This makes it possible to systematically derive static analyses for hyperproperties entirely within the calculational framework of abstract interpretation.We evaluate this technique by deriving example static analyses. For qualitative information flow, we derive a dependence analysis similar to the logic of Amtoft and Banerjee (SAS'04) and the type system of Hunt and Sands (POPL'06). For quantitative information flow, we derive a novel cardinality analysis that bounds the leakage conveyed by a program instead of simply deciding whether it exists. This encompasses problems that are hypersafety but not k-safety. We put the framework to use and introduce variations that achieve precision rivalling the most recent and precise static analyses for information flow.

AB - We show how static analysis for secure information flow can be expressed and proved correct entirely within the framework of abstract interpretation. The key idea is to define a Galois connection that directly approximates the hyperproperty of interest. To enable use of such Galois connections, we introduce a fixpoint characterisation of hypercollecting semantics, i.e. a "set of sets" transformer. This makes it possible to systematically derive static analyses for hyperproperties entirely within the calculational framework of abstract interpretation.We evaluate this technique by deriving example static analyses. For qualitative information flow, we derive a dependence analysis similar to the logic of Amtoft and Banerjee (SAS'04) and the type system of Hunt and Sands (POPL'06). For quantitative information flow, we derive a novel cardinality analysis that bounds the leakage conveyed by a program instead of simply deciding whether it exists. This encompasses problems that are hypersafety but not k-safety. We put the framework to use and introduce variations that achieve precision rivalling the most recent and precise static analyses for information flow.

KW - Abstract interpretation

KW - Hyperproperties

KW - Information flow

KW - Static analysis

UR - http://www.scopus.com/inward/record.url?scp=85015266297&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85015266297&partnerID=8YFLogxK

U2 - 10.1145/3009837.3009889

DO - 10.1145/3009837.3009889

M3 - Conference contribution

AN - SCOPUS:85015266297

T3 - Conference Record of the Annual ACM Symposium on Principles of Programming Languages

SP - 874

EP - 887

BT - POPL 2017 - Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages

A2 - Gordon, Andrew D.

A2 - Castagna, Giuseppe

T2 - 44th ACM SIGPLAN Symposium on Principles of Programming Languages, POPL 2017

Y2 - 15 January 2017 through 21 January 2017

ER -

Assaf M, Naumann DA, Signoles J, Totel É, Tronel F. Hypercollecting semantics and its application to static analysis of information flow. In Gordon AD, Castagna G, editors, POPL 2017 - Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages. 2017. p. 874-887. (Conference Record of the Annual ACM Symposium on Principles of Programming Languages). doi: 10.1145/3009837.3009889

Hypercollecting semantics and its application to static analysis of information flow

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this