CAREER: Building Secure Applications with Non-Static Information Flow Policies

职业：使用非静态信息流策略构建安全应用程序

• 批准号: 2401182
• 负责人: Danfeng Zhang
• 金额: $ 51.39万
• 依托单位: Duke University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-10-01 至 2025-06-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2401182&HistoricalAwards=false
• 关键词: CAREER; Building; Secure; Applications; Non

Many security concerns in computer systems can be understood in terms of information flows: private and untrusted data, as well as data derived from them, should never flow to unintended channels in a computer system. In real-world systems, such security concerns typically change over time. For example, a payment system is allowed to use credit card details during a transaction, but it should not retain any record of credit card details once the transaction is complete. The dynamic nature of security concerns makes it challenging to build, verify and debug applications with non-static information flow policies. Consequently, the information flow policies of many security-sensitive applications are currently either unspecified at all, or being treated in an ad-hoc manner, resulting in large trusted computing bases and many security bugs in real applications. This award investigates an integrated research and education plan designed to transform the way that programmers understand, specify, verify and debug non-static information flow policies. It contains three components to address the key obstacles of building secure applications with non-static policy: (1) Dependent policy gives a simple, declarative and unified view of non-static policies, including dynamic policy, downgrading policy and erasure policy that are currently formalized and checked with unconnected semantic goals, (2) CONST, a constraint language for analyzing non-static policies in applications, and (3) An error diagnosis module that provides useful feedbacks when a program violates the specified non-static policy. This research will also develop and open-source a new toolchain that integrates the three novel components, making it feasible to specify, verify and debug real applications with non-static information flow policy.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

计算机系统中的许多安全问题可以从信息流的角度来理解：私有和不受信任的数据，以及从它们派生的数据，永远不应该流向计算机系统中的非预期通道。在现实世界的系统中，这种安全问题通常会随着时间的推移而变化。例如，允许支付系统在交易期间使用信用卡详细信息，但一旦交易完成，它就不应该保留任何信用卡详细信息的记录。安全问题的动态特性使得使用非静态信息流策略构建、验证和调试应用程序具有挑战性。因此，许多安全敏感应用的信息流策略当前要么根本未指定，要么以自组织方式处理，导致大的可信计算基础和真实的应用中的许多安全缺陷。该奖项调查了一个综合的研究和教育计划，旨在改变程序员理解，指定，验证和调试非静态信息流策略的方式。它包含三个组件来解决使用非静态策略构建安全应用程序的关键障碍：（1）依赖策略给出了非静态策略的简单、声明性和统一的视图，包括动态策略、降级策略和擦除策略，这些策略当前被形式化并使用不相关的语义目标进行检查，（2）CONST，一种用于分析应用中的非静态策略的约束语言，以及（3）错误诊断模块，当程序违反指定的非静态策略时提供有用的反馈。这项研究还将开发和开源一个新的工具链，集成了三个新的组件，使其可行的指定，验证和调试真实的应用程序与非静态信息流政策。这个奖项反映了NSF的法定使命，并已被认为是值得支持的评估使用基金会的智力价值和更广泛的影响审查标准。