posted on 2023-11-29, 18:26authored byRoberto Guanciale, Christoph Baumann, Pablo Buiras, Mads Dam, Hamed Nemati
In this work we employ information-flow-aware refinement to study security properties of a separation kernel. We focus on refinements that support changes in data representation and semantics, including the addition of state variables that may induce new observational power or side channels. We leverage an epistemic approach to ignorance-preserving refinement where an abstract model is used as a specification of a system's permitted information flows that may include the declassification of secret information. The core idea is to require that refinement steps must not induce observer knowledge that is not already available in the abstract model. In particular, we show that a simple key manager may cause information leakage via a refinement that includes cache and timing information. Finally, we show that deploying standard countermeasures against cache-based timing channels regains ignorance preservation.
History
Preferred Citation
Guanciale Roberto, Baumann Christoph, Buiras Pablo, Dam Mads and Nemati Hamed. A Case Study in Information Flow Refinement for Low Level Systems. In: The Logic of Software. A Tasting Menu of Formal Method. 2022.
Primary Research Area
Reliable Security Guarantees
Legacy Posted Date
2022-09-23
Book Title
The Logic of Software. A Tasting Menu of Formal Method
Page Range
54-79
Publisher
Springer Cham
Open Access Type
Hybrid
BibTeX
@incollection{cispa_all_3785,
title = "A Case Study in Information Flow Refinement for Low Level Systems",
author = "Roberto Guanciale and Christoph Baumann and Pablo Buiras and Mads Dam and Hamed Nemati",
booktitle="{The Logic of Software. A Tasting Menu of Formal Method}",
year="2022",
}