Secure Multi-execution in Haskell

  • Mauro Jaskelioff
  • Alejandro Russo
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7162)


Language-based information-flow security has emerged as a promising technology to guarantee confidentiality in on-line systems, where enforcement mechanisms are typically presented as run-time monitors, code transformations, or type-systems. Recently, an alternative technique, called secure multi-execution, has been proposed. The main idea behind this novel approach consists on running a program multiple times, once for each security level, using special rules for I/O operations. Compared to run-time monitors and type-systems, secure multi-execution does not require to inspect the full code of the application (only its I/O actions). In this paper, we propose the core of a library to provide non-interference through secure-multi execution. We present the code of the library as well as a running example for Haskell. To the best of our knowledge, this paper is the first work to consider secure-multi execution in a functional setting and provide this technology as a library.


Security Policy Security Level Credit Period High Security Level Credit Term 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Andrews, M.: Guest Editor’s Introduction: The State of Web Security. IEEE Security and Privacy 4(4), 14–15 (2006)CrossRefGoogle Scholar
  2. 2.
    Chong, S., Liu, J., Myers, A.C., Qi, X., Vikram, K., Zheng, L., Zheng, X.: Secure web applications via automatic partitioning. In: Proc. ACM Symp. on Operating System Principles, pp. 31–44 (October 2007)Google Scholar
  3. 3.
    Cohen, E.S.: Information transmission in computational systems. ACM SIGOPS Operating Systems Review 11(5), 133–139 (1977)CrossRefGoogle Scholar
  4. 4.
    Conti, J.J., Russo, A.: A taint mode for Python via a library. In: NordSec 2010. Selected paper by OWASP AppSec Research 2010 (2010)Google Scholar
  5. 5.
    Credit Research Foundation. Ratios and formulas in customer financial analysis (1999),
  6. 6.
    Del Tedesco, F., Russo, A., Sands, D.: Implementing erasure policies using taint analysis. In: Aura, T. (ed.) The 15th Nordic Conf. in Secure IT Systems. Springer, Heidelberg (2010)Google Scholar
  7. 7.
    Devriese, D., Piessens, F.: Noninterference through secure multi-execution. In: Proc. of the 2010 IEEE Symposium on Security and Privacy, SP 2010, pp. 109–124. IEEE Computer Society, Washington, DC (2010)CrossRefGoogle Scholar
  8. 8.
    Devriese, D., Piessens, F.: Information flow enforcement in monadic libraries. In: Proc. of the 7th ACM SIGPLAN Workshop on Types in Language Design and Implementation, TLDI 2011, pp. 59–72. ACM, New York (2011)CrossRefGoogle Scholar
  9. 9.
    Federal Aviation Administration (US). Review of Web Applications Security and Intrusion Detection in Air Traffic Control Systems. Note: thousands of vulnerabilities were discovered (June 2009),
  10. 10.
    Goguen, J.A., Meseguer, J.: Security policies and security models. In: Proc. IEEE Symp. on Security and Privacy, pp. 11–20 (April 1982)Google Scholar
  11. 11.
    Heintze, N., Riecke, J.G.: The SLam calculus: programming with secrecy and integrity. In: Proc. ACM Symp. on Principles of Programming Languages, pp. 365–377 (January 1998)Google Scholar
  12. 12.
    Jaskelioff, M.: Lifting of Operations in Modular Monadic Semantics. PhD thesis, University of Nottingham (2009)Google Scholar
  13. 13.
    Jaskelioff, M., Russo, A.: Secure multi-execution in Haskell. software release (2011),
  14. 14.
    Li, P., Zdancewic, S.: Encoding Information Flow in Haskell. In: CSFW 2006: Proc. of the 19th IEEE Workshop on Computer Security Foundations. IEEE Computer Society (2006)Google Scholar
  15. 15.
    Magazinius, J., Phung, P.H., Sands, D.: Safe wrappers and sane policies for self protecting JavaScript. In: Aura, T. (ed.) The 15th Nordic Conf. in Secure IT Systems. Springer, Heidelberg (2010)Google Scholar
  16. 16.
    Moggi, E.: An abstract view of programming languages. Technical Report ECS-LFCS-90-113, Edinburgh University, Edinburgh, Scotland (1989)Google Scholar
  17. 17.
    Moggi, E.: Computational lambda-calculus and monads. In: Proc., Fourth Annual Symposium on Logic in Computer Science, pp. 14–23. IEEE Computer Society (1989)Google Scholar
  18. 18.
    Morgenstern, J., Licata, D.R.: Security-typed programming within dependently typed programming. In: Proc. of the 15th ACM SIGPLAN Int. Conf. on Funct. Prog., ICFP 2010, pp. 169–180. ACM, New York (2010)Google Scholar
  19. 19.
    Myers, A.C.: JFlow: Practical mostly-static information flow control. In: Proc. ACM Symp. on Principles of Programming Languages, pp. 228–241 (January 1999)Google Scholar
  20. 20.
    Myers, A.C., Zheng, L., Zdancewic, S., Chong, S., Nystrom, N.: Jif: Java information flow. Software release (July 2001), Located at
  21. 21.
    Peyton Jones, S., Gordon, A., Finne, S.: Concurrent haskell. In: POPL 1996: Proc. of the 23rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 295–308. ACM, New York (1996)CrossRefGoogle Scholar
  22. 22.
    Peyton Jones, S.L., Wadler, P.: Imperative functional programming. In: Proc. of the ACM Conf. on Principles of Programming, pp. 71–84 (1993)Google Scholar
  23. 23.
    Phung, P.H., Sands, D., Chudnov, A.: Lightweight self-protecting javascript. In: Safavi-Naini, R., Varadharajan, V. (eds.) ACM Symposium on Information, Computer and Communications Security (ASIACCS 2009). ACM Press, Sydney (2009)Google Scholar
  24. 24.
    Pottier, F., Simonet, V.: Information flow inference for ML. In: Proc. ACM Symp. on Principles of Programming Languages, pp. 319–330 (January 2002)Google Scholar
  25. 25.
    Russo, A., Claessen, K., Hughes, J.: A library for light-weight information-flow security in Haskell. In: Haskell 2008: Proc. of the 1st ACM SIGPLAN Symp. on Haskell. ACM (2008)Google Scholar
  26. 26.
    Russo, A., Hughes, J., Naumann, J.D.A., Sabelfeld, A.: Closing Internal Timing Channels by Transformation. In: Okada, M., Satoh, I. (eds.) ASIAN 2006. LNCS, vol. 4435, pp. 120–135. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  27. 27.
    Sabelfeld, A., Myers, A.C.: Language-based information-flow security. IEEE J. Selected Areas in Communications 21(1), 5–19 (2003)CrossRefGoogle Scholar
  28. 28.
    Sabelfeld, A., Sands, D.: Dimensions and principles of declassification. In: Proc. IEEE Computer Security Foundations Workshop, pp. 255–269 (June 2005)Google Scholar
  29. 29.
    Simonet, V.: Flow caml in a nutshell. In: Hutton, G. (ed.) Proc. of the First APPSEM-II Workshop, pp. 152–165 (March 2003)Google Scholar
  30. 30.
    Simonet, V.: The Flow Caml system. Software release (July 2003),
  31. 31.
    Swierstra, W., Altenkirch, T.: Beauty in the beast. In: Proc. of the ACM SIGPLAN Workshop on Haskell, Haskell 2007, pp. 25–36. ACM, New York (2007)CrossRefGoogle Scholar
  32. 32.
    Tsai, T.C., Russo, A., Hughes, J.: A library for secure multi-threaded information flow in Haskell. In: Proc. of the 20th IEEE Computer Security Foundations Symposium (July 2007)Google Scholar
  33. 33.
    Zdancewic, S.: Programming Languages for Information Security. PhD thesis, Cornell University (July 2002)Google Scholar
  34. 34.
    Zdancewic, S., Zheng, L., Nystrom, N., Myers, A.C.: Untrusted hosts and confidentiality: Secure program partitioning. In: Proc. ACM Symp. on Operating System Principles (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Mauro Jaskelioff
    • 1
  • Alejandro Russo
    • 2
  1. 1.CIFASIS-CONICETUniversidad Nacional de RosarioArgentina
  2. 2.Dept. of Computer Science and EngineeringChalmers University of TechnologySweden

Personalised recommendations