Specification and static enforcement of scheduler-independent noninterference in a middleweight Java |
| |
Affiliation: | 1. Department of Computer Engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), P.O. Box: 15875-4413, Tehran, Iran; 2. School of Computer Science, Institute for Research in Fundamental Sciences (IPM), P.O. Box: 19395-5746, Tehran, Iran; 1. University of Alabama, Tuscaloosa, Alabama, USA; 2. University of Montreal, Montreal, Canada |
| |
Abstract: | We introduce a new timing covert channel that arises from the interplay between multithreading and object orientation. This example motivates us to explore the root of the problem and to devise a mechanism for preventing such errors. To do so, we first add multithreading constructs to Middleweight Java, a subset of the Java programming language with a fairly rich set of features. We then present a noninterference property which, in essence, demands that program executions be equivalent from the viewpoint of an observer of final public values, in environments using so-called high-independent schedulers. The property is scheduler-independent in the sense that, no matter which scheduler is employed, the executions of a program satisfying it do not lead to illegal information flows in the form of explicit, implicit, or timing channels. We also give a provably sound type-based static mechanism to enforce the proposed property. |
| |
Keywords: | Covert channels; Multithreaded object-oriented programming; Scheduler-independent noninterference; Security type systems |
This article is indexed in ScienceDirect and other databases. |
|