
From Fine- to Coarse-Grained Dynamic Information Flow Control and Back

By Marco Vassena, Utrecht University, The Netherlands, m.vassena@uu.nl | Alejandro Russo, Chalmers University of Technology, Sweden, russo@chalmers.se | Deepak Garg, Max Planck Institute for Software Systems, Germany, dg@mpi-sws.org | Vineet Rajani, University of Kent, UK, v.rajani@kent.ac.uk | Deian Stefan, University of California, San Diego, USA, deian@cs.ucsd.edu

 
Suggested Citation
Marco Vassena, Alejandro Russo, Deepak Garg, Vineet Rajani and Deian Stefan (2023), "From Fine- to Coarse-Grained Dynamic Information Flow Control and Back", Foundations and Trends® in Programming Languages: Vol. 8: No. 1, pp 1-117. http://dx.doi.org/10.1561/2500000046

Publication Date: 09 Oct 2023
© 2023 M. Vassena et al.
 
Subjects
Program Transformations and Optimizations, Programming Language Security, Information Flow, Language-based Security and Privacy
 

In this article:
1. Introduction
2. Fine-Grained IFC Calculus
3. Coarse-Grained IFC Calculus
4. Verified Artifacts
5. Fine- to Coarse-Grained Program Translation
6. Coarse- to Fine-Grained Program Translation
7. Related Work
8. Conclusion
References

Abstract

This tutorial provides a complete and homogeneous account of the latest advances in fine- and coarse-grained dynamic information-flow control (IFC) security. Since the 1970s, the programming language and the operating system communities have proposed different IFC approaches. IFC operating systems track information flows in a coarse-grained fashion, at the granularity of a process. In contrast, traditional language-based approaches to IFC are fine-grained: they track information flows at the granularity of program variables. For decades, researchers believed coarse-grained IFC to be strictly less permissive than fine-grained IFC—coarse-grained IFC systems seem inherently less precise because they track less information—and so granularity appeared to be a fundamental feature of IFC systems.

We show that the granularity of the tracking system does not fundamentally restrict how precise or permissive dynamic IFC systems can be. To this end, we mechanize two mostly standard languages, one with a fine-grained dynamic IFC system and the other with a coarse-grained dynamic IFC system, and prove a semantics-preserving translation from each language to the other. In addition, we derive the standard security property of non-interference of each language from that of the other, via our verified translation.

These translations stand to have important implications for the usability of IFC approaches. The coarse- to fine-grained direction can be used to remove the label annotation burden that fine-grained systems impose on developers, while the fine- to coarse-grained translation shows that coarse-grained systems—which are easier to design and implement—can track information as precisely as fine-grained systems, and it provides an algorithm for automatically retrofitting legacy applications to run on existing coarse-grained systems.

DOI:10.1561/2500000046
ISBN: 978-1-63828-218-1
130 pp. $90.00
ISBN: 978-1-63828-219-8
130 pp. $150.00

From Fine- to Coarse-Grained Dynamic Information Flow Control and Back

Dynamic information-flow control (IFC) is a principled approach to protecting the confidentiality and integrity of data in software systems. This tutorial provides a complete and homogeneous account of the latest advances in fine- and coarse-grained dynamic information-flow control security.

Written for students, practitioners and researchers, the authors first introduce both fine- and coarse-grained IFC in a gentle and accessible way, laying the groundwork for subsequent chapters. They proceed to show that, contrary to common belief, the granularity of the tracking system is not a fundamental feature of IFC systems and hence does not restrict how precise or permissive dynamic IFC systems can be. To achieve this, the authors demonstrate practical examples of both Fine- to Coarse-Grained and Coarse- to Fine-Grained Program Translation.

This tutorial will give readers the insights required to understand, develop and implement dynamic information-flow control to improve the security of a wide variety of software systems.
