Learn More
The idea of building secure systems by plugging together "secure'' components is appealing, but this requires a definition of security which, in addition to taking care of top-level security goals, is strengthened appropriately in order to be compositional. This approach has been previously studied for information-flow security of shared-variable concurrent(More)
The combining calculus [MSK07] provides a framework for analyzing the information flow of multi-threaded programs. The calculus incorporates so called plug-in rules for integrating several previously existing analysis techniques. By applying a plug-in rule to a subprogram, one decides to analyze this subpro-gram with the given analysis technique, and not(More)
When giving a program access to secret information, one must ensure that the program does not leak the secrets to untrusted sinks. For reducing the complexity of such an information flow analysis , one can employ compositional proof techniques. In this article, we present a new approach to analyzing information flow security in a com-positional manner.(More)
We present a formal model for analyzing the bandwidth of covert channels. The focus is on channels that exploit interrupt-driven communication, which have been shown to pose a serious threat in practical experiments. Our work builds on our earlier model [1], which we used to compare the effectiveness of different countermeasures against such channels. The(More)
Interrupt-driven communication with hardware devices can be exploited for establishing covert channels. In this article, we propose an information-theoretic framework for analyzing the bandwidth of such interrupt-related channels while taking aspects of noise into account. As countermeasures, we present mechanisms that are already implemented in some(More)
We empirically evaluate interrupt-related covert channels, in short IRCCs, a type of covert channel that leverages hardware interrupts for communication. The evaluation is based on an exploit of IRCCs that we implemented as a proof-of-concept. We use a combination of experimental evaluation and information-theoretic analysis to compute the bandwidth of the(More)