Mon 5 - Sat 10 December 2022 Auckland, New Zealand
Wed 7 Dec 2022 13:30 - 14:00 at Seminar Room G145 - Information Flow and Discussion Chair(s): Alan Jeffrey

Static information flow control (IFC) systems provide the ability to restrict data flows within a program, enabling vulnerable functionality or confidential data to be statically isolated from unsecured data or program logic. Despite the wide applicability of IFC as a mechanism for guaranteeing confidentiality and integrity— the fundamental properties on which computer security relies— existing IFC systems have seen little use, requiring users to reason about complicated mechanisms such as lattices of security labels and dual notions of confidentiality and integrity within these lattices. We propose a system that diverges significantly from previous work on information flow control, opting to reason directly about the data that programmers already work with. In doing so, we naturally and seamlessly combine the clasically separate notions of confidentiality and integrity into one unified framework, further simplifying reasoning. We motivate and showcase our work through two case studies on TLS private key management: one for Rocket, a popular Rust web framework, and another for Conduit, a server implementation for the Matrix messaging service written in Rust.

Wed 7 Dec

Displayed time zone: Auckland, Wellington change

13:30 - 15:00
Information Flow and DiscussionHATRA at Seminar Room G145
Chair(s): Alan Jeffrey Roblox
Static Information Flow Control Made Simple
Hemant Gouni University of Minnesota at Twin Cities, Jonathan Aldrich Carnegie Mellon University
Link to publication
Michael Coblenz University of California, San Diego, Jonathan Aldrich Carnegie Mellon University, Luke Church University of Cambridge | Lund University | Lark Systems