In their POPL 2019 paper, Vassena et al. study the problem of expressiveness of fine-grained and coarse-grained techniques for dynamic information flow control. A notable result of that work is the semantics-preserving translation from a language with a fine-grained dynamic IFC system to a language with a coarse-grained dynamic IFC system, meaning that coarse-grained approaches can track information as precisely as fine-grained ones. In this work, we lift two technical assumptions that stand out among the details of Vassena et al.’s translation. First, the security property for which the equivalence is formally established is termination-insensitive noninterference. Second, both coarse and fine-grained languages are statically typed in a standard (security unaware) way. We derive a novel 2-labeled fine-grained dynamic IFC system, for which we have not found a semantics-preserving approach that is idiomatically coarse-grained. We conjecture that 2-labeled (and generally n-labeled) fine grained monitors unveil an expressiveness gap between the fine-grained and the coarse-grained approaches to dynamic IFC.
Aslan Askarov is an Associate Professor in the Department of Computer Science, Aarhus University. He received his Ph.D. in Computer Science from the Chalmers University of Technology in 2009. Before joining Aarhus University in 2014, he was a Postdoctoral Associate at Harvard University, Cambridge, MA, USA, and earlier at Cornell University, Ithaca, NY, USA. He is a recipient of the Sapere Aude Research Leader grant from the Danish National Science Research Council in 2016. His research interests lie in the areas of computer security and privacy and programming language design and implementation.