Fault-Tolerant Non-interference. Del Tedesco, F.; Russo, A.; and Sands, D. In Engineering Secure Software and Systems (ESSoS'14), volume 8364, of LNCS, pages 60--76. Springer International Publishing, 2014.
This paper is about ensuring security in unreliable systems. We study systems which are subject to transient faults: soft errors that cause stored values to be corrupted. The classic problem of fault tolerance is to modify a system so that it works despite a limited number of faults. We introduce a novel variant of this problem. Instead of demanding that the system works despite faults, we simply require that it remains secure: wrong answers may be given but secrets will not be revealed. We develop a software-based technique to achieve this fault-tolerant non-interference property. The method is defined on a simple assembly language, and guarantees security for any assembly program provided as input. The security property is defined on top of a formal model that encompasses both the fault-prone machine and the faulty environment. A precise characterization of the class of programs for which the method guarantees transparency is provided.
@incollection{DelTedesco:Russo:Sands:ESSOS14,
  title     = {Fault-Tolerant Non-interference},
  author    = {Del Tedesco, Filippo and Russo, Alejandro and Sands, David},
  booktitle = {Engineering Secure Software and Systems (ESSoS'14)},
  pages     = {60--76},
  volume    = {8364},
  series    = {LNCS},
  year      = {2014},
  publisher = {Springer International Publishing},
  url_Paper = {http://www.cse.chalmers.se/~dave/papers/essos14.pdf},
  abstract  = {This paper is about ensuring security in unreliable systems. We study systems which are subject to transient faults: soft errors that cause stored values to be corrupted. The classic problem of fault tolerance is to modify a system so that it works despite a limited number of faults. We introduce a novel variant of this problem. Instead of demanding that the system works despite faults, we simply require that it remains secure: wrong answers may be given but secrets will not be revealed. We develop a software-based technique to achieve this fault-tolerant non-interference property. The method is defined on a simple assembly language, and guarantees security for any assembly program provided as input. The security property is defined on top of a formal model that encompasses both the fault-prone machine and the faulty environment. A precise characterization of the class of programs for which the method guarantees transparency is provided.}
}