DocumentCode :
3116210
Title :
On confidentiality and algorithms: programming under the constraints of noninterference
Author :
Agat, Johan ; Sands, David
fYear :
2001
fDate :
2001
Firstpage :
64
Lastpage :
77
Abstract :
Recent interest in methods for certifying programs for secure information flow (noninterference) has failed to raise a key question: can efficient algorithms be written so as to satisfy the requirements of secure information flow? We discuss how algorithms for searching and sorting can be adapted to work on collections of secret data without leaking any confidential information, either directly, indirectly, or through timing behaviour. We pay particular attention to the issue of timing channels caused by cache behaviour and argue that it is necessary to disable the effect of the cache in order to construct algorithms manipulating pointers to objects in such a way that they satisfy the conditions of noninterference. We also discuss how randomisation can be used to implement secure algorithms, and discuss how randomised hash tables might be made practically secure.
Keywords :
cache storage; data privacy; security of data; sorting; cache; data confidentiality; data security; noninterference; pointers; program certification; programming; randomised hash tables; searching; secure information flow; sorting; timing channels; Certification; Data security; Databases; Home computing; Information security; Internet; Performance analysis; Privacy; Sorting; Timing;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Security and Privacy, 2001. S&P 2001. Proceedings. 2001 IEEE Symposium on
Conference_Location :
Oakland, CA
ISSN :
1081-6011
Print_ISBN :
0-7695-1046-9
Type :
conf
DOI :
10.1109/SECPRI.2001.924288
Filename :
924288