A monadic analysis of information flow security with mutable state

We explore the logical underpinnings of higher-order, security-typed languages with mutable state. Our analysis is based on a logic of information flow derived from lax logic and the monadic metalanguage. Thus, our logic deals with mutation explicitly, with impurity reflected in the types, in contra...

Detailed bibliography
Published in: Journal of functional programming, Volume 15; Issue 2; pp. 249 - 291
Main authors: CRARY, KARL, KLIGER, ALEKSEY, PFENNING, FRANK
Format: Journal Article
Language: English
Publication details: Cambridge, UK Cambridge University Press 01.03.2005
Subject:
ISSN: 0956-7968, 1469-7653
Online access: Get full text
Abstract We explore the logical underpinnings of higher-order, security-typed languages with mutable state. Our analysis is based on a logic of information flow derived from lax logic and the monadic metalanguage. Thus, our logic deals with mutation explicitly, with impurity reflected in the types, in contrast to most higher-order security-typed languages, which deal with mutation implicitly via side-effects. More importantly, we also take a store-oriented view of security, wherein security levels are associated with elements of the mutable store. This view matches closely with the operational semantics of low-level imperative languages where information flow is expressed by operations on the store. An interesting feature of our analysis lies in its treatment of upcalls (low-security computations that include high-security ones), employing an “informativeness” judgment indicating under what circumstances a type carries useful information.
Author PFENNING, FRANK
CRARY, KARL
KLIGER, ALEKSEY
Author_xml – sequence: 1
  givenname: KARL
  surname: CRARY
  fullname: CRARY, KARL
  email: crary@cs.cmu.edu
  organization: Carnegie Mellon University, 5000 Forbes Avenue Pittsburgh, PA 15213 USA (email: crary@cs.cmu.edu, aleksey@cs.cmu.edu, fp@cs.cmu.edu)
– sequence: 2
  givenname: ALEKSEY
  surname: KLIGER
  fullname: KLIGER, ALEKSEY
  email: crary@cs.cmu.edu
  organization: Carnegie Mellon University, 5000 Forbes Avenue Pittsburgh, PA 15213 USA (email: crary@cs.cmu.edu, aleksey@cs.cmu.edu, fp@cs.cmu.edu)
– sequence: 3
  givenname: FRANK
  surname: PFENNING
  fullname: PFENNING, FRANK
  email: crary@cs.cmu.edu
  organization: Carnegie Mellon University, 5000 Forbes Avenue Pittsburgh, PA 15213 USA (email: crary@cs.cmu.edu, aleksey@cs.cmu.edu, fp@cs.cmu.edu)
CitedBy_id crossref_primary_10_1017_S0956796814000033
crossref_primary_10_1017_S0956796816000241
crossref_primary_10_1145_2345156_2254100
crossref_primary_10_1145_3274282
crossref_primary_10_1093_logcom_exv042
crossref_primary_10_1145_2034574_2034792
crossref_primary_10_1017_S0956796808006886
crossref_primary_10_1145_2096148_2034688
crossref_primary_10_1145_3408987
crossref_primary_10_1145_2034574_2034778
crossref_primary_10_1145_1290520_1290526
ContentType Journal Article
Copyright 2005 Cambridge University Press
Copyright_xml – notice: 2005 Cambridge University Press
DOI 10.1017/S0956796804005441
DatabaseName Istex
CrossRef
ProQuest Central (Corporate)
Computer and Information Systems Abstracts
ProQuest Central (purchase pre-March 2016)
Computing Database (Alumni Edition)
Technology Research Database
ProQuest SciTech Collection
ProQuest Technology Collection
ProQuest Central (Alumni) (purchase pre-March 2016)
ProQuest Central (Alumni Edition)
ProQuest Central UK/Ireland
Advanced Technologies & Computer Science Collection
ProQuest Central Essentials
ProQuest Central
Technology Collection
ProQuest One Community College
ProQuest Central Korea
ProQuest Central Student
SciTech Premium Collection
ProQuest Computer Science Collection
Computer Science Database
Advanced Technologies Database with Aerospace
Computer and Information Systems Abstracts – Academic
Computer and Information Systems Abstracts Professional
Computing Database
Advanced Technologies & Aerospace Database
ProQuest Advanced Technologies & Aerospace Collection
ProQuest One Academic
ProQuest One Academic (New)
ProQuest One Academic Middle East (New)
ProQuest One Academic Eastern Edition (DO NOT USE)
ProQuest One Applied & Life Sciences
ProQuest One Academic (retired)
ProQuest One Academic UKI Edition
ProQuest Central China
ProQuest Central Basic
DatabaseTitle CrossRef
Computer Science Database
ProQuest Central Student
Technology Collection
Technology Research Database
Computer and Information Systems Abstracts – Academic
ProQuest One Academic Middle East (New)
ProQuest Advanced Technologies & Aerospace Collection
ProQuest Central Essentials
ProQuest Computer Science Collection
Computer and Information Systems Abstracts
ProQuest Central (Alumni Edition)
SciTech Premium Collection
ProQuest One Community College
ProQuest Central China
ProQuest Central
ProQuest One Applied & Life Sciences
ProQuest Central Korea
ProQuest Central (New)
Advanced Technologies Database with Aerospace
Advanced Technologies & Aerospace Collection
ProQuest Computing
ProQuest Central Basic
ProQuest Computing (Alumni Edition)
ProQuest One Academic Eastern Edition
ProQuest Technology Collection
ProQuest SciTech Collection
Computer and Information Systems Abstracts Professional
Advanced Technologies & Aerospace Database
ProQuest One Academic UKI Edition
ProQuest One Academic
ProQuest Central (Alumni)
ProQuest One Academic (New)
DatabaseTitleList
Computer Science Database
CrossRef
Database_xml – sequence: 1
  dbid: BENPR
  name: ProQuest Central
  url: https://www.proquest.com/central
  sourceTypes: Aggregation Database
DeliveryMethod fulltext_linktorsrc
Discipline Computer Science
EISSN 1469-7653
EndPage 291
ExternalDocumentID 1400712431
10_1017_S0956796804005441
ark_67375_6GQ_T928JNGZ_7
Genre Feature
ID FETCH-LOGICAL-c397t-2db27cf99acbc38751b6ea3bef4927a40d0639b4c1ed5f0bcad2c19b1a5c523b3
IEDL.DBID P5Z
ISICitedReferencesCount 20
ISICitedReferencesURI http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000228082700005&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
ISSN 0956-7968
IngestDate Sat Aug 23 13:06:13 EDT 2025
Tue Nov 18 19:37:49 EST 2025
Sat Nov 29 05:36:57 EST 2025
Sun Aug 31 06:48:49 EDT 2025
Tue Jan 21 06:21:09 EST 2025
IsDoiOpenAccess false
IsOpenAccess true
IsPeerReviewed true
IsScholarly true
Issue 2
Language English
License https://www.cambridge.org/core/terms
LinkModel DirectLink
MergedId FETCHMERGED-LOGICAL-c397t-2db27cf99acbc38751b6ea3bef4927a40d0639b4c1ed5f0bcad2c19b1a5c523b3
Notes istex:3FE0C9A5C1EC3B02822D0D81AB54C84F6AD1904D
PII:S0956796804005441
ark:/67375/6GQ-T928JNGZ-7
SourceType-Scholarly Journals-1
ObjectType-Feature-1
content type line 14
OpenAccessLink https://www.cambridge.org/core/services/aop-cambridge-core/content/view/01A8F47B757460768168CAF18989F83A/S0956796804005441a.pdf/div-class-title-a-monadic-analysis-of-information-flow-security-with-mutable-state-div.pdf
PQID 213420601
PQPubID 37264
PageCount 43
ParticipantIDs proquest_journals_213420601
crossref_primary_10_1017_S0956796804005441
crossref_citationtrail_10_1017_S0956796804005441
istex_primary_ark_67375_6GQ_T928JNGZ_7
cambridge_journals_10_1017_S0956796804005441
PublicationCentury 2000
PublicationDate 20050300
2005-03
2005-03-00
20050301
PublicationDateYYYYMMDD 2005-03-01
PublicationDate_xml – month: 3
  year: 2005
  text: 20050300
PublicationDecade 2000
PublicationPlace Cambridge, UK
PublicationPlace_xml – name: Cambridge, UK
– name: Cambridge
PublicationTitle Journal of functional programming
PublicationTitleAlternate J. Funct. Prog
PublicationYear 2005
Publisher Cambridge University Press
Publisher_xml – name: Cambridge University Press
SSID ssj0008258
Score 1.7887787
Snippet We explore the logical underpinnings of higher-order, security-typed languages with mutable state. Our analysis is based on a logic of information flow derived...
SourceID proquest
crossref
istex
cambridge
SourceType Aggregation Database
Enrichment Source
Index Database
Publisher
StartPage 249
SubjectTerms Special Issue on Language Based Security
Title A monadic analysis of information flow security with mutable state
URI https://www.cambridge.org/core/product/identifier/S0956796804005441/type/journal_article
https://api.istex.fr/ark:/67375/6GQ-T928JNGZ-7/fulltext.pdf
https://www.proquest.com/docview/213420601
Volume 15
WOSCitedRecordID wos000228082700005&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
journalDatabaseRights – providerCode: PRVAEN
  databaseName: Cambridge Journals Open Access
  customDbUrl:
  eissn: 1469-7653
  dateEnd: 99991231
  omitProxy: false
  ssIdentifier: ssj0008258
  issn: 0956-7968
  databaseCode: IKXGN
  dateStart: 19910101
  isFulltext: true
  titleUrlDefault: http://journals.cambridge.org/action/login
  providerName: Cambridge University Press
– providerCode: PRVPQU
  databaseName: Advanced Technologies & Aerospace Database
  customDbUrl:
  eissn: 1469-7653
  dateEnd: 20241212
  omitProxy: false
  ssIdentifier: ssj0008258
  issn: 0956-7968
  databaseCode: P5Z
  dateStart: 20010101
  isFulltext: true
  titleUrlDefault: https://search.proquest.com/hightechjournals
  providerName: ProQuest
– providerCode: PRVPQU
  databaseName: Computer Science Database
  customDbUrl:
  eissn: 1469-7653
  dateEnd: 20241212
  omitProxy: false
  ssIdentifier: ssj0008258
  issn: 0956-7968
  databaseCode: K7-
  dateStart: 20010101
  isFulltext: true
  titleUrlDefault: http://search.proquest.com/compscijour
  providerName: ProQuest
– providerCode: PRVPQU
  databaseName: ProQuest Central
  customDbUrl:
  eissn: 1469-7653
  dateEnd: 20241212
  omitProxy: false
  ssIdentifier: ssj0008258
  issn: 0956-7968
  databaseCode: BENPR
  dateStart: 20010101
  isFulltext: true
  titleUrlDefault: https://www.proquest.com/central
  providerName: ProQuest