Complexity and information flow analysis for multi-threaded programs

This paper studies the security of multi-threaded programs. We combine two methods, i.e., qualitative and quantitative security analysis, to check whether a multi-threaded program is secure or not. In this paper, besides reviewing classical analysis models, we present a novel model of quantitative a...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	The European physical journal. ST, Special topics Special topics, 2017-07, Vol.226 (10), p.2375-2392
Hauptverfasser:	Ngo, Tri Minh, Huisman, Marieke
Format:	Artikel
Sprache:	eng
Schlagworte:	Aspects of Statistical Mechanics and Dynamical Complexity Atomic Classical and Continuum Physics Complexity Condensed Matter Physics Cybersecurity Information flow Information theory Materials Science Measurement Science and Instrumentation Molecular Optical and Plasma Physics Physics Physics and Astronomy Qualitative analysis Quantitative analysis Review Scheduling
Online-Zugang:	Volltext
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

Beschreibung
Zusammenfassung:	This paper studies the security of multi-threaded programs. We combine two methods, i.e., qualitative and quantitative security analysis, to check whether a multi-threaded program is secure or not. In this paper, besides reviewing classical analysis models, we present a novel model of quantitative analysis where the attacker is able to select the scheduling policy. This model does not follow the traditional information-theoretic channel setting. Our analysis first studies what extra information an attacker can get if he knows the scheduler’s choices, and then integrates this information into the transition system modeling the program execution. Via a case study, we compare this approach with the traditional information-theoretic models, and show that this approach gives more intuitive-matching results.
ISSN:	1951-6355 1951-6401
DOI:	10.1140/epjst/e2016-60402-0