Secure Guarded Commands

Abstract

We develop a lightweight approach to information flow control that interacts with the use of cryptographic schemes. The language is a version of Dijkstra’s Guarded Commands language extended with parallelism, communication and symmetric cryptography. Information flow is modelled using security labels that are sets of hashed symmetric keys expressing the capabilities needed for access to data. In essence, encryption is used to encapsulate the protection offered by the information flow policy. We develop a type system aimed at tracking explicit, implicit, bypassing and correlation flows arising due to the parallel processes and the internal non-determinism inherent in Guarded Commands. The development is facilitated by the parallel processes having disjoint memories and is illustrated on a multiplexer scenario previously addressed using content-dependent information flow policies.